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==Phrack Inc.== 


Volume Two, Issue 23, File 1 of 12 


Phrack Inc. Newsletter Issue XXIII Index 


January 25, 1989 


Greetings once again! Before we really get into the issue, we here at Phrack 
Inc. would like to address some of the questions and comments we’ve been 
hearing lately about the last issue of Phrack Inc. 


When we heard that people were having trouble using the Unix Password Hacking 
Program, we decided to contact the creator and were given this response: 


"My password hacker will compile on anything. I have had it running on Xenix, 
Unix System V 3.1 and BSD 4.3. It sounds as if someone may not know what they 
are doing. I will put money on it working well on any flavor of Unix." 


Now as far as Red Knight’s Unix file and The Mentor’s Beginning Hackers Guide, 
we had absolutely no idea that those files had also been submitted to P/HUN 
and were being distributed. The file on the Internet Worm was a Bitnet release 
that we felt was a good enough piece of information that it should be 
publicized. Readers may wish to make a note that Volume 5, Number 4 of 2600 

M 

fe) 


agazine also has re-released the Internet Worm article and Red Knight’s file 
n Hacking Unix. 


In this issue, note the final chapter of the Vicious Circle Trilogy as well as 
the beginning of the Future Transcendent Saga, both written and created by 
Knight Lightning. Look for the third and fourth chapters of the FTSaga in 
Issue 24 of Phrack Inc. 


Any writers with unreleased files wishing to submit them to Phrack Inc. may 
send them to us via The Prophet or if you have access to a network that 
interfaces with Bitnet, send them to either of our addresses listed below. 

By the same token, anyone on the Bitnet accessible networks, MCI Mail, or GTE 
Telemail who would like Phrack Inc. delivered to their accounts should contact 
WS%. 


Knight Lightning & Taran King 
(C483307@UMCVMB) (C4888 69@UMCVMB) 


Table of Contents: 


Phrack Inc. XXIII Index by Knight Lightning & Taran King 

Phrack Prophile XXIII Featuring The Mentor by Taran King 
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Utopia; Chapter One of FTSaga by Knight Lightning 

Foundations On The Horizon; Chapter Two of FTSaga by Knight Lightning 
Future Trancendent Saga Index A from the Bitnet Services Library 

Future Trancendent Saga Index B from the Bitnet Services Library 
Getting Serious About VMS Hacking by VAXBusters International 

9. Can You Find Out If Your Telephone Is Tapped? by Fred P. Graham (& VaxCat) 
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==Phrack Inc.== 
Volume Two, Issue 23, File 2 of 12 
==Phrack Pro-Phile XXIII== 
Created and Written by Taran King 
Done on January 18, 1989 


Welcome to Phrack Pro-Phile XXII. Phrack Pro-Phile was created to 
bring information to you, the community, about retired or highly important/ 
controversial people. This issue, we bring you a user and sysop having great 
contributions through his boards, articles published, and general phreak/hack 
activity... 


The Mentor 


Handle: The Mentor 
Call Him: Loyd 
Past Handles: An article for Phrack written as The Neuromancer for (then 
present) security reasons. 
Handle Origin: The Grey Lensman series by E.E. ’Doc’ Smith 
Date Of Birth: 1965 
Current Age: 23 
Height: 5’ 10" 
Weight: 200 lbs. 
Eye Color: Brown 
Hair Color: Brown 
Computers: (In order of owning...) TRS-80, Apple //e, Amiga 1000, PC/AT 
Sysop: The Phoenix Project (512-441-3088) 


Origins in Phreak/Hack World: When he was 13, a friend’s father who was a 
professor at a local university gave him accounts to use on one of the PDP 
11/70s at the school. This was his first introduction to mainframes, and 

he was hooked. He continued to use the University’s equipment through junior 
high and high school, upgrading to a DEC-10 and then finally a VAX 8600. 


Needless to say, since he wasn’t a student, acquiring accounts to use was 
sometimes tricky, so he began to write fake front ends, trojan horses, and 
other hacker utilities. Loyd’s interest in hacking grew from this to the point 
where he wanted to get into *everything* instead of just his local systems. 


Origins in Phreak/Hack BBSes: He was involved in the pirate boards from about 
1982 on, during which time many of them doubled as phreak boards. From some 
of these, he got the number for Sherwood Forest and P-80, at which point he 
started calling out. 


People in the Phreak/Hack World Met: ANI Failure, Android Pope, Bad Subscript, 
Control C, Crimson Death, The Dictator, Doom Prophet, Erik Bloodaxe, Ferrod 
Sensor, Forest Ranger, Hatchet Molly, Knight Lightning, The Leftist, Lone 

Wolf, Lucifer 666, Phantom Phreaker, Phase Jitter, Phlash Gordon, Phrozen 
Ghost, The Protestor, Surfer Bob, Taran King, Terminal Technocrat, Tuc, 

The Ubiquitous Hacker, The Urvile/Necron 99. 


Experience Gained in the Following Ways: Hacking. You can read all the gfiles 
in the world, but unless you actually go out and hack, you’re going to remain 

a novice. Getting in systems snowballs. It may take you a while to get in 
that first one, but after that it becomes easier and easier. 


Knowledge Attributed To: All the people who were willing to help him when he 
was starting out plus actual hands-on experienc 


Memorable Phreak/Hack BBSes: Sherwood Forest, The Protestor’s Shack, Metal 
Shop (when it first went private), Stalag-13, Catch-22, Hacker’s Hideout, 
Arisia, The Phoenix Project, Tuc’s Board - RACS III (LOGONIT) 
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Work/Schooling (Major): BS in Computer Science, work as a graphics programmer. 
Conventions/Involvements Outside of Phone Calls: Nationally ranked saber 


fencer in 1985 & 1986, serious science-fiction collector & role-playing gamer, 
play guitar, bass, and keys in various bands. 


Accomplishments (Newsletters/Files/Etc.): He’s written at least half a dozen 
files for Phrack, and has had articles in the LOD/H Technical Journal, P/HUN 
newsletter, and has written the always-popular Hackin’ Off column in Thrasher 
on a few occasions. 


Phreak/Hack Groups: Currently an active member of the Legion of Doom/Legion 
of Hackers, formerly a member of the PhoneLine Phantoms, The Racketeers, 
and Extasyy Elite (gag.) 


Busts: Being busted led to his retirement for around one year. He thinks 
everyone ought to take some time off: It helps put all this in perspective. 


Interests: VAX computers, packet switched nets, and computer graphics. 
Favorite Things: His wife, my cat, Chinese food, the blues, jazz, high-prived 


UUCP accounts, unpassworded accounts, DCL, Modula-2, double-buffering, Stevie 
Ray Vaughn 


Most Memorable Experiences: Getting married (6 months now!), getting pulled 
out of a political science class and dragged down to jail, dragging Control C 
away from drawing LMOS diagrams for a bunch of drunk high school girls, 
SummerCon in general, Knight Lightning jumping up on a bed and yelling 
"Teletrial!," carrying on a 45 minute conversation on blue boxing & phreaking 
in general with a guy at the gym where he works out, then finding out he’s in 
charge of security for my local telco, trojaning the Star Trek program on his 
college’s DEC-10 so that everyone who ran it executed my fake front end program 
next time they logged in... 


Some People to Mention: Android Pope- He’s got to have *someone* to get into 
trouble with! 
Erik Bloodax s abov 
Compuphreak-— For helping him get started & 


answering a lot of dumb questions (ok, 
explain this diverter thingy to me 


again...) 
The Maelstrom- see above. 
The Urvile- dood. 
INSIDE JOKES: "Do you think it’s a good idea to do this before we get on the 


plane?", "Gosh, I wish people would find somewhere else to dispose of their 
phlegm.", "Hi, you must be Dan. Take these.", "If I get busted, I’m going to 
burn down your house with you and your entire family inside.", "Trust me. You 
need another beer.", "This hall seems like it goes on forever!", "It was nice 
of them to box this stuff up for us!", "All of you! Out! Now!", "Surely you 
aren’t going to touch that girl?", "If they stop us, we shoot them and drive to 


New York and change identities. It’s foolproof.", "You really want to talk 
phones?", "I can’t believe you made him cry. That’s sad.", "Mr. Letterman?", 
"Do you speak DCL?", "No you idiot, GERMANY!!!!", "Now see, you do this, then 


type this, and boom! Codes for days.", "Ma’m, I’m sorry to tell you this, but 
your son is a computer criminal.", "How much for the rocket launcher? Is that 
with or without ammo?", "By now you’ve guessed, you’ve been had.", "Well, if 
you’re going to be working at the jail, maybe you can help them out with their 
computers.", "No, she really wants us both!", "What’s in the briefcase?", "It’s 
my Older brother’s gun, officer.", "Bell Communications Research presents...", 
"T’1ll pay you $500 for the last four digits of his phone number. Just give me 
a hint." 


Are Phreaks/Hackers you’ve met generally computer geeks? Strangely enough, 
the better ones he’s met aren’t, but a lot of the posers are. 


Thanks for your time Loyd... 
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In the past John Maxfield has estimated that there are about 50,000 
hackers/phreaks/pirates operating in the United States today. That figure has 
multiplied to to a point where it probably comes close to 500,000. Believe it 
or not, almost everyone has been a member of one of the above groups (or 
perhaps a group not mentioned) at one time or another. 


Today’s telecom security consultants and law enforcement agencies know this too 
and that is how group affiliations can be turned against us. 


What does being in a group mean? In the modem community being in a group is 
supposed to mean that the people in the group work on projects together and 
trade specific information that people outside of the group are not allowed to 
access and by the same token, have no way to get it. However, obviously the 
people in the group all feel that the other people with whom they are sharing 
information, can be trusted and are worthy of associating with them to begin 
with. So when you stop and think about it, if there was no group, the people 


in question would still be trading information and would still trust each other 
because they would not have formed the group unless this criteria was met in 
the first place. So in truth, being in a group really means nothing on the 


basis previously mentioned. 


You see in the modem community, being in a group really is more like a power 
trip or a "security blanket" for people who feel that they need to let people 
know that they associate with a specific clique in the hopes that the 
popularity of some of the other members will lend popularity to themselves. 


Many groups form in such a way that they try to make it look otherwise and thus 
begins the real problem. Some groups are formed by a person who tries to get a 
lot of guys together that he feels knows a lot or seems to post a lot of good 
information - Bad Move; If you are going to form a group at all, stick with 
people who you know can be trusted (can you really ever "know" who can be 
trusted?) and then out of those people form your group or choose who you feel 
should be in it. 


Anyway, to prove that they are elite, most groups begin to gather specific data 
for giving to group members, and this includes handing out their own names and 
phone numbers with other members of the group. They feel a false loyalty and 
psychologically create such utter faith in all the members that the faith is 
ultimately blind and based on hopes and aspirations of greatness. 


What is the best way for a security agent or informant to blend in with the 
modem community? Join as many groups as possible, start gathering data on 
the members, and spread your handle throughout the community to become "well 
known." 


Example: Taken From Phrack World News Issue XV; 


[This article has been edited for this presentation. -KL] 


Mad Hatter; Informant? July 31, 1987 
We at Phrack Inc. have uncovered a significant amount of information that has 
led us to the belief that Mad Hatter is an informant for some law enforcement 
organization. 


When Taran King, Cheap Shades, Forest Ranger, and Knight Lightning arrived at 
Control C’s in Chicago, Illinois, Mad Hatter had already searched the place and 
had found some papers that could only have done “C harm. We destroyed this 
information and thought everything was ok. However, as it turns out, we 
searched Mad Hatter’s bags and found a duplicate set of this information and 
the general hypothesis was they he intended to leave it behind as incriminating 
evidence. 


Mad Hatter had also brought down several disks for the purpose of copying 
Phantasie Realm. Please note; PR was an IBM program and MH has an apple. 


Control C told us that when he went to pick Mad Hatter up at the bus terminal, 
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he watched the bus pull in and saw everyone who disembarked. Suddenly Mad 


Hatter was there, but not from the bus he was supposed to have come in on. In 
addition to this, he had baking soda wrapped in a five dollar bill that he 
tried to pass off as cocaine. Perhaps to make us think he was cool or 
something. 


Mad Hatter constantly tried to get left behind at *C’s apartment for unknown 
reasons. He also was seen at a neighbor’s apartment making unauthorized calls 
into the city of Chicago. When asked who he called, his reply was "Don’t worry 
about it." Mad Hatter had absolutely no money with him during PartyCon (and 
incidentally he ate everything in *C’s refrigerator) and yet he insisted that 
although he had taken the bus down and had return trip tickets for the bus, 
that he would fly back home. How was this going to be achieved? He had no 
money and even if he could get a refund for the bus tickets, he would still be 
over $200 short. When asked how he was going to do this, his reply was "Don’t 
worry about it." 


On Saturday night while on the way to the Hard Rock Cafe, Mad Hatter asked 
Control C for the location of his computer system and other items 4 times. 

This is information that Hatter did not need to know, but perhaps a SS agent or 
someone could use very nicely. 


When Phrack Inc. discovered that Dan The Operator was an FBI informant and made 
the news public, several people were criticizing him on Free World II Private. 
Mad Hatter on the other hand, stood up for Noah and said that he was still his 
friend despite what had happened. Then later when he realized that people were 
questioning his legitimacy, his original posts were deleted and he started 
saying how much he wanted to kill Dan The Operator and that he hated him. 


Mad Hatter already has admitted to knowing that Dan The Operator was an FBI 
informant prior to SummerCon ’87. He says the reason he didn’t tell anyone is 
because he assumed we already knew. 


When Mad Hatter first entered the phreak/hack world, he joined; 


Phreaks Anonymous World Wide (PAWW), 
MetalliBashers, Inc (MBI), 

Order of The Rose, and 

Cult of The Dead Cow (-cDc-). 


If you were a security agent or a loser hacker turned informant and you wanted 
to mix in with the phreak/hack community, wouldn’t you try to join as many 
groups as possible to spread your name? 


Phreaks Anonymous World Wide, MetalliBashers, Inc., Order of The Rose, and 

Cult of The Dead Cow, not exactly the toughest groups to join and once there is 
one security person in the group, he is bound to vouch for others, etc. So 
while he spreads his name as an elite modem user throughout the community, he 
is busy gathering information on group members who are foolish enough to trust 
him. 


Its not bad enough that some groups are easy enough to infiltrate as it is, but 
does anyone remember this? 


Taken From Phrack World News Issue XI; 


Phortune 500: Phreakdom’s Newest Organization February 16, 1987 
For those of you who are in the least bit interested, Phortune 500 is a group 
of telecommunication hobbyists who’s goal is to spread information as well as 
further their own knowledge in the world of telecommunications. This new 
group was formed by: 


Brew Associates / Handsomest One / Lord Lawless / The Renegade Chemist 
Quinton J. Miranda / Striker / The Mad Hacker / The Spiker 
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These eight members are also known as Board Of Directors (BOD). They don’t 
claim to be *Elite* in the sense that they are they world’s greatest hacker, 
but they ARE somewhat picky about their members. They prefer someone who knows 


a bit about everything and has talents exclusive to him/herself. 


One of the projects that Phortune 500 has completed is an individual password 


AE type system. It’s called TransPhor. It was written and created by Brew 
Associates. It has been Beta tested on The Undergraduate Lounge (Sysoped by 
Quinton J. Miranda). It is due to be released to the public throughout the 


next few months. 


Phortune 500 has been in operation for about 4 months, and has released two 
newsletters of their own. The Phortune 500 Newsletter is quite like the 
"People" of contemporary magazines. While some magazines cover the deep 
technical aspects of the world in which we communicate, their newsletter tries 
to cover the lighter side while throwing in information that they feel is "of 
technical nature." The third issue is due to be released by the end of this 
month. 


*>=-> The Phortune 500 Membership Questionnaire <-=<* 


Note: The following information is of a totally confidential nature. The 
reason you may find this so lengthy and in depth is for our knowledge of 
you. We, with Phortune 500, feel as though we should know prospective 
members well before we allow them into our organization. Pending the 
answers you supply us, you will be admitted to Phortune 500 as a charter 
member. Please answer the following completely... 


Handle 

First Name 

Voice Phone Number 

Data Phone Number 

City & State 

Age 

Occupation (If Applicable) 
Place of Employment (Optional 
Work Phone Number (Optional 
Computer Type 

Modem Type 

Interests 

Areas Of Expertise 

References (No More Than Three) 
Major Accomplishments (If Any) 


~~ 


~~ 


Answer In 50 Words Or Less; 
“** What Is Phortune 500 in Your Opinion? 
“x Why Do You Want To Be Involved With Phortune 500? 


“x*< How Can You Contribute to Phortune 500? 


Please answer each question to the best of your ability and then return to any 
Phortune 500 Board of Directors Member Or a Phortune 500 BBS: 


The Private Connection (Limited Membership) 219-322-7266 
The Undergraduate AE (Private Files Only) 602-990-1573 


An actual application form for joining a group. Perhaps the concept was a good 
one, perhaps not, but from a standpoint of publicity and security, this was a 
complete and utter catastrophe. 


Basically we are all here to learn in one way or another. Groups and clubs 
in our community only seem to segregate it and at a time when everyone should 
be pulling together, this is not such a good idea. Privacy and security are 
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important factors that motivate these sects within the society, but ultimately 
are the final consequences worth the trouble of creating a group? 


If groups had not been created, there would not be as much attention on the 
phreak/hack community as there is right now. When group names start spreading, 
it starts the law enforcement agencies into a panic that its big time organized 
crime. This allows them to justify more time and money into the apprehension 
of computer criminals and usually they go after the big names; the people in 
the most "elite" groups. 


Now before you, a member of a group, start criticizing this file, please 

understand, I am not referring to any particular groups here, just groups in 
general. Any and all comments made about MBI, -cDc-, PAWW, OOTR, and P500 
s 
b 


hould not be taken personally and were used only as examples of how groups can 
e potential security problems. 


here are some groups that are worthwhile organizations and its obvious because 
that have existed through the years and been productive. However, the only way 
to keep this community alive is for everyone to work together to protect and 
learn from each other. 


:Knight Lightning 


"The Future Is Now" 
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Welcome To The Next MILLENNIUM Of The Communications Realm 
The Future is NOW! 


As most people will agree, college and university computers are th asiest to 
gain access to, both legally and illegally. Bitnet is only one of the many 
interconnected wide area networks, but I felt that it was the most important to 


discuss because all major colleges and universities are connected by it and as 
such creating an almost utopian society for the technologically inclined. It’s 
free, legal, and world encompassing -- anything that incorporates "free" with 


"legal" and is useful has to hold some sort of perfection and thus the name of 
this file. 


For the people already on Bitnet, this file may seem somewhat basic and most 
likely contains information that you are thoroughly aware of, but you never w 
know what a little extra reading might lead you to discover. Once again 
welcome to the future... a future where limits are unknown. 


:Knight Lightning 


The Origin Of BITNET 


by Jester Sluggo 


In 1981, the City University of New York (CUNY) surveyed universities on the 
east coast of the United States and Canada, inquiring whether there was 

interest in creating and easy-to-use, economical network for interuniversity 
communication between scholars. The response was positive. Many shared the 
CUNY belief in the importance of computer-assisted communication between 
s 
b 
t 


cholars. The first link of the new network, called Bitnet, was established 
etween CUNY and Yale University in May 1981. The term BITNET is an acronym 
hat stands for "Because It’s Time NETwork." 


The network technology chosen for Bitnet was determined by the availability 
of the RSCS software on the IBM computers at the initial sites. The RSCS is 
simple and effective, and most IBM VM/CMS computer systems have it installed 
for local communications, supporting file transfer and remote job entry 

services. The standard Bitnet links are leased telephone lines running 9600 


bps. Although the initial nodes were IBM machines in university computers 
centers, the network is in no way restricted to such systems. Any computer 
with an RSCS emulator can be connected to Bitnet. Emulators are available for 
Digital Equipment Corporation VAX/VMS systems, VAX-UNIX systems, and for 
Control Data Corporation Cyber systems and others. Today, more than one-third 


of the computers on Bitnet are non-IBM systems. 


There is also some talk in the Bitnet scientific community of a merger between 
Bitnet and CSnet (Computer Science Network). It is unknown when or if such a 
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merger will take place, but it is only a step in the right direction. 


Note: NetNorth is the Canadian division of Bitnet and EARN is the European 
division of Bitnet. They are all directly connected and together serve 
as one network and not three. It is often referred to as 
BITNET/NetNorth/EARN. 


The Basics Of Bitnet 
In order to make any sense out of this file, you should first have a basic 
understanding of mainframes and userids, etc. Since most readers of Phrack are 
computer enthusiasts, there is a pretty good chance that you understand these 
things already. If not, you may want to find documentation on the topic. The 
Mentor’s Beginning Hackers Guide, which was published in Phrack Inc. XXII 
contains some information that might help you. The concepts presented in this 
file are not terrible difficult to understand, but you should not jump into 
this totally unprepared either. 


You should also be a little familiar with the type of hardware and operating 
system you will be using. Most IBM systems in Bitnet run VM/CMS. The Digital 
Equipment Corporation (DEC) VAX systems usually run an operating system called 
VMS along with a software package called JNET which allows them to communicate 
via Bitnet. I will be referring to VM/CMS and VMS/JNET throughout this file. 
I myself currently use an IBM 4381 that runs VM/CMS and thus I am much more 
familiar with that type of system. 


[Try to think of the mainframe as the telephone and Bitnet as the telephone 
lines. You see, the mainframe you log onto is connected to mainframes at other 
universities and institutions. The connection is usually a high-speed leased 
line, a special sort of telephone connection. In away, these computers are 
always on the phone with each other (except when links go down, discussed in 
the section on MESSAGES). This particular network is what is known as a "store 
and forward" network. This means that if I send something to someone in Los 
Angeles, the computers in the network between New York and California will 
store and forward it from computer to computer until it reaches it’s 
destination. 


In Bitnet, there is only one way from "Point A" to "Point B." A small piece of 
the network might look like this: 


[As Te [CB ies) es | 
| 
De fe= (EB bese l= Gls. | 
| | 
| I |--| J | | K |--| L | 
| 
[AME |e Ne t= 108 lt] RS | 


Those boxes represent computers in the network, and the dashes between them ar 
the leased lines. If I am at computer "A" and I send a file to someone at 
computer "N" it would travel the following path: 


A-B-D-E-F-G-K-N 


Actual topology maps are available for download from LISTSERV@BITNIC, but we 
will be discussing servers later in this file. Like I mentioned before, ther 
is only one route between any two nodes and there is simply no way to bypass a 
disconnected link. 
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Each of the computers in BITNET is called a "node" and has a unique name that 
identifies it to the other nodes. For example, one of the mainframe computers 
at the University Of Missouri-Columbia has the nodename UMCVMB. So what does 
that mean exactly? Well in this case, UMC comes from the name of the school, 
VM comes from the Virtual Memory operating system, and B is just an 
alpha-numerical identifier. At one time there was a UMCVMA, but that system 
was taken down a couple of years ago. One thing to note here is that although 
this particular node can be broken down into its parts, many nodes do not 
follow this pattern and some nodes have "aliases." An alias is just another 
name for the node and both names are recognized by all Bitnet facilities. An 
example of this is STANFORD. The nodes STANFORD and FORSYTHE are the same 
place so... 


CYPHER@STANFORD = CYPHER@FORSYTH 


E 


Your userid in combination with the name of your node is your "network 
address." It is usually written in the format userid@node (read "userid at 
node"). For example, the name of my node is UMCVMB, and my userid is C483307. 
Therefore, my network address is C483307@UMCVMB. If I know the userid@node of 
someone in the network, I can communicate with that person, and he/she can 
communicate with me. I have found many interesting people on the networks. 
Making use of the direct chatting capabilities of Bitnet I am able to talk to 
them in "real-time." You can do this too, all you need to know are a few 
commands. This is explained in part two. 


Messages 


There are thr basic methods of communicating via Bitnet: MAIL, MESSAGE, and 
FILE. The reason you would choose one over the other for a particular 
application will become clear after a little explanation. 


The MESSAGE is the fastest and most convenient method of communication 
available through Bitnet. It is the network’s equivalent of a telephone 
conversation. The difference of course is that the words are typed instead of 
spoken. The message you type is transmitted immediately (well, quickly) to its 
destination. In BITNET this destination is the network address (userid@node) 
of the person you want to contact. If the person you are contacting is logged 
on, the message will be displayed on their screen. If not, their computer 

will tell you so by sending you a message. In this case, your message is lost 
forever. In other words, no one is there to answer the phone. However, many 
people run a program called GONE (and there are other similar programs) which 
acts like an answering machine and holds your message until they log on. Some 
universities do not allow this program because it uses a lot of CPU time. If 
your school or mainframe does not allow it, do not try to sneak its use, 
because it is very easy to detect. 


One important thing to mention is that not all nodes allow interactive chat. 
Some nodes are simply not advanced enough for it and you will a receive a 
message telling you this whenever you try to chat with them. However, this 
situation is less common. 


The command to send messages depends on your computer and system software. 
People on VM/CMS systems would type something like this: 


TELL userid AT node message OR TELL userid@node message 


For example: 


TELL MENTOR AT PHOENIX Hey, whats new on The Phoenix Project? 


the message you are sending 


the node of the recipient 


the userid of the recipient 
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ea) 
FH 


People on VAX/VMS systems using the JN 
syntax: 


networking software would use this 


SEND userid@node "message" 
For example: 


SEND MENTOR@PHOENIX "Hey, whats new on The Phoenix Project?" 


the message you are sending 


the node of the recipient 


the userid of the recipient 


The quotes around the message are optional. However, the JNET networking for 
VAX/VMS will translate your entire message into upper-case characters if you 
DO NOT use them. Many people find receiving messages in all upper case to b 
extremely annoying. 


For more information on the TELL and SEND commands, you should consult your 
local system documentation. 


When a message arrives on your screen, it will look something like this: 


FROM PHOENIX(MENTOR): Hello! Things are great here, you? 


Unfortunately there is a downside to everything and Bitnet Messages are no 
exception. Text sent by message must be short. In general, your message 
length can be one line, about the width of your screen. In other words, you 
won’t be sending someone a copy of Phrack World News via the TELL command. 


Also, you can only communicate with someone in this way when they are logged 
on. Considering time zone differences (you may find yourself talking to 
people in Europe, Israel, or Australia) this is often quite inconvenient. 


Lastly, there is the problem of links that I call LinkDeath. If the connection 
to the node you want to contact is broken (by for example, a disconnected phone 
line), you’ll receive an error message and whatever you sent is gone. This can 
be very annoying if it should occur during a conversation. The LinkDeath may 
last a few minutes or several hours. Often times, a link will go down for the 
weekend and you are simply out of luck. Even worse is when it is the link that 
connects your mainframe to rest of Bitnet... you are cut off. 


However, messages are very far from useless. As I will demonstrate in chapter 
two, TELL and SEND ar xtremely helpful in accessing the many servers on 
Bitnet. 


FILES are another way to communicate over Bitnet. The text files and programs 
that you store on your computer can be transmitted to users at other nodes. 
This is one of the methods that I use to distribute Phrack issues across not 
only the country, but the world. People on VM/CMS systems would use a syntax 
like this: 


SENDFILE filename filetype filemode userid AT node 


For example: 


SENDFILE PHRACK TEXTFILE A PROPHET AT PHRACKVM 


| 
| the address of the recipient 


4.txt 


However, 


For 


The 


For 


ne 


unless they are in your NAMES file. 
that translates userid 
people. 
userid@node. Th 
"PHRACK TEXTFILE" 
address, 
MENTOR@PHO 


e/she logs on. 
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+ the fil 


SENDF ILE 


PHRACK TEXTFILE A TO (nickname) 


you 


some reason at my node, you 


cannot use SENDFILE 


filemode, in this example "A", 
is on. In case you were wonder 
most of the addresses in this fil 


syntax for VMS/JNET systems is quite similar: 


SEND/FILE filename.extension userid@node 
example: 
SEND/FILE PHRACK.TEXTFILE PROPHET@PHRACKVM 
th 


to se 


are sending 


at my particular node the command would read: 


is the disk that the file 
with the exception of my 


ing, 


fil 


th 


file sent is stored in the 


you 


"electronic mailbox" of the recipient until 
People on VM/CMS systems would use the RECEIVE 


e like PROPHET@PHRACKVM or 
ENIX are bogus and just examples for this presentation. 


address of the recipient 


are sending 


or RDRLIST 


nda file to anyone 
The NAMES file is a database type of list 
@node into nicknames to make it easier to chat with 
This way you can use their nickname instead of the tiresome 


T 

h 

(shortened to "RL") 
fe) 

d 


commands to process 


BIVE 


command. 


n VAX/VMS systems would use the REC 


ocumentation for more information o 


SEND/FILE and SENDFIL 


like Phrack issues ov 
everyday communicatio 


Mail 


n these commands. 


files sent to them in this way. 
You should check your 


People 
local 


EF are useful for sending programs or large volumes of data 
r the network. However, they should not be used for 
n because there is a much easier way -- the MAIL. 

The other form of Bitnet communication has been given a very apt name: MAIL 


(often called 
mail, 
mail 


documentation for information. 
is automatically placed in the 


address) 


"electronic mail" 
you provide an address, 
software differs from site to site, 
On my particular node, 


or 


able to shed some 


Mail 
makes them different 
mail 
this: 


Date: Fr 
From: 


Subject: 


light on what most mail 


is the 


i, 


Forest Ranger <RANG 
Cable Pair Busted For Child Molestation< 


"e-mail"). 
return address, 


29 Dec 88 23:52:00 EDT 


and text. 
so you will have to 


letter. 


files are really just specially formatted text files. 
"mail header." 
software that it is not a regular text file. 


This tells 
It 


Just like regu] 
Software for sending 


lar postal service 


look in your local 
the return address 
This presentation should be 
looks like and how it works. 


(your 


The feature that 
a Bitnet system and your 
looks something like 


The address of the recipient 


The subject 
Your address 


Todays date | 


ER@ST 


iWVAX1> <-- 
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To: Phrack World News <KNIGHT@MSPVMA> rata ae oar + 


An entire mail message would look like this: 


Mail header 


Date: Fri, 29 Dec 88 23:52:00 EDT 

From: Forest Ranger <RANGER@STLVAX1> 

Subject: Cable Pair Busted For Child Molestation 
To: Phrack World News <KNIGHT@MSPVMA> 


+ Have you seen the newspapers? Is this good news, or what? I think that 
the ramifications are startling. This is one more step on the road to a 
higher civilization. I hope he gets what he deserves. Keep in touch, I 
will send more information later. 


Mail text 


Mail has a number of advantages. The size of a mail file is limited only by 
you and is the only way to send files to networks other than Bitnet (However, I 


do not recommend that you transmit anything longer than 3000 lines). When your 
mail reaches the destination address, it will be stored in the user’s mailbox 
until they read it. If the links to that particular node are disconnected, 


your mail will be held until the path is clear for the mail to continue on its 
route to the recipient’s mailbox. 


The disadvantage of mail is that it is, indeed, slower than messages. The 
longer your mail file, the longer it will take to get from Point A to Point B. 


Conclusion 

Don’t despair, this is only the conclusion to this file. The best functions of 
Bitnet are yet to be described. Join me in the second chapter of The Future 
Transcendent Saga -- Foundations Upon The Horizon. 


Also included in this issue of Phrack are sitelists for Bitnet. Actual node 
directories are available from LISTSERV@BITNIC, but they are much too large to 


be printed here. However, the files that are included list the names of the 
universities and institutions that are connected to Bitnet without their node 
addresses (some institutions have over 30+ nodes). If you attend a college or 


university that is hooked into Bitnet, then join me in the realm of infinite 
discovery. When you do, drop me a line... 


:Knight Lightning (C483307@UMCVMB) 


For related reading please see; 


An Insight On Wide-Area Networks Part 2 by Jester Sluggo 
(Phrack Inc. Issue 6, file 8) 


Communications Of The ACM 
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ture Transcendent Saga. 
s of Bitnet 


In this file, 
(although there are some 


services and servers on other networks as well). You will learn what the 
servers are, how they differentiate, how to use them, and come to a better 
understanding of how these Foundations Upon The Horizon help make Bitnet a 


virtual Utopia. 


What Is A Server? 


One of most useful features of Bitnet 
servers, relays, and so on. 


"server machines." 


A "server" is a userid a lot 
or on some other BITNET nod 


like your 


They might 


is the variety of file servers, 
be described as 


name 


"virtual machines" or 


s. It may exist on your computer (node) 


running a program that will respond to 
commands you send and the way in which 
the particular program being run. For 
107633@DOLUNI1 offer different types o 
commands. The various kinds of server 


The peopl 


who set up this userid have it 
your commands. This is a "server." The 
the server responds to them depends on 
xample, the servers UMNEWS@MAINE and 

f services, and require different 

s are described later in this docume 


At 


You can send your commands to most servers in one of two formats: 


Not all servers accept commands 


via both formats, 


MAIL or 
M 


a 
G 


ESSAGE. 


but this information is 


included in the document BITNET SERVERS which can be obtained from 
LISTSERV@BITNIC. Because there are so many servers I will not even begin to 
list them here. Different servers are created and disconnected everyday so it 
would be difficult to name them all. 


People on VM/CMS systems would send commands something like this: 


al 


ELL userid AT node command 


For example: 


Ge 
bE 


WW 


ELL N 


ETS 


ERV@MARIST HI 


LP 


People on VAX/VMS systems using the JN 
syntax: 


SEND userid@node 


"command" 
For example: 


SEND 


N 


ETSERV@MARIST 


"W HI 


ELP" 


Many servers can also accept commands via mail. 


your commands in that format, 


such as the servers on th 


ET networking software would use this 


Indeed, some will only accept 


non-Bitnet nodes. The 
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syntax for the commands you send remain the same. You send mail to the server 
as if you were sending the mail to a person. The text of your message would be 
the command. Some servers will take the command as the first line of a text 
message, others require it in the "Subject:" line. Some servers will accept 
more than one command in a mail message, others will take only one. Here is 
an example of a mail message sent to LISTSERV@BITNIC requesting a list of 
files: 


Date: Fri, 30 Dec 88 23:52:00 EDT 

From: Taran King <SYSOP@MSPVMA> 

To: Listserv <LISTSERV@BITNIC> 

INDEX 
Throughout this file I will us xamples where commands are sent to servers via 
message. However, for many of the cases we will present you have option of 
using mail. The choice is yours. 


There are two particularly confusing aspects of servers of which you should be 
aware. First, servers in the same category (say, file servers) do not always 
accept the same commands. Many of them ar xtremely different. Others are 
just different enough to be annoying. There are many approaches to setting up 
a server, and everyone is trying to build a better one. 


The second problem is that there are many servers that fill two, sometimes 
three categories of server. For example, LISTSERV works as a list server anda 
file server. Many LISTSERVs have been modified to act as name servers as well, 
but they are rather inefficient in this capacity. If you do not understand 
this terminology, bear with me. The best is yet to come. 


File Servers 

Remember that a server runs on a userid much like yours. Like your userid, it 
has many capabilities, including the ability to store files (probably with a 
much greater storage capacity though). The program that a file server runs 
enables it to send you files from its directory, as well as a list of files 
available. These may be programs or text files. You might look at these 


as 


servers as Bitnet versions of dial-up bulletin boards or AE Lines. 


You can generally send three types of commands to a file server. The first 
type is a request for a list of files the server offers. The second is a 
request that a specific file be sent to your userid. The third, and most 
important is a HELP command. 


The HELP command is very important because it is one of the few commands that 
almost all servers accept, no matter what the type. Because the commands 
available differ from server to server, you will often find this indispensable. 
Sending HELP to a server will usually result in a message or file sent to your 
userid listing the various commands and their syntax. You should keep some 

of this information handy until you are comfortable with a particular server. 


To request a list of files from a server, you will usually send it a command 
like INDEX or DIR. The list of files will be sent to you via mail or ina 
file. For example: 


VM/CMS: TELL LISTSERV@BITNIC INDE 
VMS/JNET: SEND LISTSERV@BITNIC "INDEX" 


To request a specific file from the list you receive, you would use a command 
like GET or SENDME. For example to request the file BITNET TOPOLOGY from 
LISTSERV@BITNIC you would type on of the following: 


os 


VM/CMS: TELL LISTSERV@BITNIC SENDME BITNET TOPOLOGY 
VMS/JNET: SEND LISTSERV@BITNIC "SENDME BITNET TOPOLOGY" 
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In many cases the files are organized into subdirectories or filelists. This 
can make requesting a file more complicated. This makes it even mor ssential 
that you keep documentation about a particular server handy. Some file servers 


offer programs that you can run which will send commands to the server for you. 


Name Servers 


Name servers serve two purposes; to assist you in finding an address for 


someone or to help you find people with specific interests. I doubt you are 
going to care about tracking down people by their interests, so I am not going 
to discuss those aspects of nameservers. The servers that actually let you 


look up people are few and far between. Because there are so few I have 
composed this list; 


Columbia University FINGER @ CUVMA 
Cork University INFO @ IRUCCIBM 
Drew University NAMESERV @ DREW 
North Dakota State University FINGER @ NDSUVM1 
Ohio State University WHOIS @ OHSTVMA 
Pennsylvania State University IDSERVER @ PSUVM 
Rochester Institute Of Technology INFO @ RITVAXD 
LOOKUP @ RITVM 
State University of New York (SUNY) at Albany WHOIS @ ALBNYVM1 
University of Calgary NAMESERV @ UNCAMULT 
University of Kentucky WHOIS @ UKCC 
University of Illinois at Urbana-Champagne PHSERVE @ UILUCVMD 
University of Louisville (Kentucky) WHOIS @ ULKYVM 
University of Regina VMNAMES @ UREGINA1 
University of Tennessee UTSERVER @ UTKVM1 
Weizmann Institute of Science VMNAMES @ WEIZMANN 


So as not to be misleading, these servers do not necessarily cover th ntir 
school. Example: The server at University of Louisville covers people on the 
node ULKYVM, but not the nodes ULKYVX0x (x = 1 - 8 I believe). ULKYVX is a 
VAXcluster of nodes at University of Louisville, but the people on those 
systems are NOT indexed on the server at ULKYVM. In contrast, the nameserver 
at University of Illinois contains online listings for every student and staff 
member whether they have accounts on the computer or not. You can get phone 
numbers and addresses using this. Please note that the above list is only to 
the best of my knowledge and others may exist. 


There are also many Listservs that have a command to search for people, but 
with Listserv, signing up is by choice and not mandatory. You also will end up 
getting listings for people from nodes other than the one you are searching. 


Ok, lets say I am trying to find an account for Oryan QUEST and I am told by a 
friend that he is going to school at Ohio State University. Ohio State 
University has a nameserver and if he has an account on their computer I should 
be able to find him. 


VM/CMS: TELL WHOIS@OHSTVMA Quest 
VMS/JNET: SEND WHOIS@OHSTVMA "Quest" 


This particular nameserver only requires that you enter the persons name with 
no "search" command. Some servers require this. Your best bet is to send the 
command "HELP" first and you’ll receive documentation. 


Ok, back to the example... unfortunately, there is no entry for "Quest" and I 
am out of luck. I should have been smart enough to realize that no college 
would be likely to let Oryan QUEST enroll in the first place -- my mistake. 


In any case, I highly recommend that you register yourself with UMNEWS@MAINE 
and BITSERVE@CUNYVM. These are popular nationwide servers that are often used 
to locate people. 


Forums, Digests, and Electronic Magazines 


he concept of mailing lists has been given new life with the creation of 
computer networks. Let me explain what I mean. Almost everyone is on some 

sort of mailing list; magazines, bills or even pamphlets from your congressman.. 
he computer networks have brought a whole new degree of speed and 

functionality to mailing lists, as you will see. 


In Bitnet, mailing lists are used mainly to keep people with similar interests 
in contact. There are several formats in which this contact can take place. 
These are "forums," "digests," and "electronic magazines". 


FORUMS are a good example of how the utility of mailing lists has been expanded 
in Bitnet. Let’s say that you have subscribed to a forum for people interested 
in Cyberpunks. How you could subscribe to such a list will be described later. 
Another person on the mailing list sends mail to a server where the list is 
kept. This server forwards the mail to all of the people in the forum. When 
mail from a forum arrives in your computer mailbox, the header will look much 
like this: 


Date: Fri, 10 Sep 88 23:52:00 EDT 

Reply-To: CYBER Discussion List <CYBER-L@PUNKVM> 

Sender: CYBER Discussion List <CYBER-L@PUNKVM> 

From: Sir Francis Drake <DRAKE@WORMVM> 

Subject: Invasion From X-Neon! 

To: Solid State <SEKER@PLPVMA> 
This may look a little confusing, but there really isn’t much to it. In this 
example, Sir Francis Drake ("From:") sent mail to the CYBER-L list address. 
This server then forwarded the mail to everybody on the list, including Solid 
State ("To:"). Note the line named "Reply-To:". This line tells your mail 
software that when you reply to the note (if you reply) that the reply should 
go to the list... meaning *everybody* on the list. People will in turn reply 


to your mail, and you have a forum. 


Some forums are very interesting, but using the digests can lead to problems. 
First among these is the volume of mail you can receive. If you are in a very 
active forum, you can get 50 or more pieces of electronic mail in a single day. 
If you are discussing a controversial or emotional topic, expect more. 


Many people have a tendency to "flame" (the Bitnet term for ragging). The 
speed and immediacy of electronic mail makes it very easy to whip out a quick, 
emotional response, to which there will be similar replies. I advise you to 
take some time and think out your responses to forum postings before 
inadvertently starting a "flame war." Hopefully anyone able to gain access to 
college computers will be mature enough to have outgrown these battles. 


DIGESTS provide a partial solution to the these problems. In this case, mail 
that is sent to a mailing list is stored rather than sent out immediately. At 
some point the "Moderator" for the list organizes and condenses all of the 
correspondence for the day or week. He then sends this out to the people on 
the mailing list in one mailing. 


The drawback with this setup is that it requires a lot of human intervention. 
If the moderator gets sick, goes on vacation, or quits, activity fora 
particular digest can come to a screeching halt. 


ELECTRONIC MAGAZINES take the digest concept a step further. These mailing 
lists actually duplicate the organization and format of "real" magazines. 
Bitnet is used as a convenient and inexpensive distribution method for the 
information they contain. The frequency of distribution for these electronic 
magazines ranges ranges from weekly to quarterly to "whenever the editor feels 
like it" (sort of like Phrack releases). This is the most formal, structured 
form of Bitnet communication. Where a digest is simply a group of letters 
organized by topic, an electronic magazine includes articles, columns, and 
features. Perhaps the only feature of paper magazines that they do *not* 
include is advertisements. Bitnet NetMonth and NetWeek are two of the better 
magazines on Bitnet and they contain useful information if you know what you’re 
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looking for. I will discuss how to subscribe to these magazines as well as the 
other forms of media in the next part of this file. 


List Servers 


In the previous section, I mentioned that some servers are used to control 
mailing lists. A server that performs this function is called a "list server." 
Almost all of these listservers have the userid of LISTSERV, such as 
LISTSERV@BITNIC. One of these servers can control subscriptions to many 
mailing lists. The other concept behind Listservs are the list-ids, but as 
these are rather unimportant and vary from server to server I am not going to 
discuss them here. If you would like to learn about these, consult your local 
listserv and request documentation with the HELP command. 


[To subscribe to a mailing list, you would send a LISTSERV a SUBSCRIBE command, 
which has the following syntax: 


SUBscribe listname (whatever name you want) 


In this example, SpyroGrya is sending LISTSERV@BITNIC the command to 
subscribe to ETHICS-L: 


VM/CMS: TI 
VMS/JINET: SI 


.L LISTSERV@BITNIC SUB ETHICS-L SpyroGyra 
ND LISTSERV@BITNIC "SUB ETHICS-L SpyroGyra" 


GC] GI 


If you misspell your name when entering a SUBscribe command, simply resend it 
with the correct spelling. To delete his name from the mailing list, 
SpyroGyra would enter an UNSUBscribe command: 


VM/CMS: TELL LISTSERV@BITNIC UNSUB ETHICS-L 
VMS/JNET: SEND LISTSERV@BITNIC "UNSUB ETHICS-L" 


In many cases the SIGNOFF command is used instead of UNSUB, but those are the 
basic commands you need to know in order to access Listserv controlled mailing 
lists. However, Listserv has a multitude of features, so it would be a good 
idea to read the Listserv documentation. 


*Note* If you are on a VAXcluster, you should send SUBSCRIBE and UNSUBSCRIB 
commands to LISTSERV via MAIL. 


GJ 


Relays 


Relay might be one of th asier types of servers to understand. If you have 
used the CB Simulator on CompuServe or are familiar with Diversi-Dials (or 
maybe even ALTOS Chat) you will catch on to the concept quickly. The idea 
behind Relay is to allow more than two people to have conversations by 
interactive message. Without Relay-type servers, this would not be possible. 


Let’s set up a scenario: 


Sluggo, Taran, and Mentor are at different nodes. Any two of them can have 

a conversation through Bitnet. If the three of them want to talk, however, 
they have a problem. Sluggo can send Mentor messages, but Taran can’t see 
them. Likewise, Taran can send Sluggo messages, but then Mentor is in the 
dark. What they need is a form of teleconferencing. Alliance doesn’t exist on 
Bitnet so they created Relays. 


Each of these users "Signs on" to a nearby Relay. They can pick a channel 
(0-999 although there are more, but they are reserved for special use). 
Instead of sending messages to Taran or Sluggo, Mentor sends his commands to 

the Relay. The Relay system then sends his message to *both* Taran and Sluggo. 
The other users can do the same. When they are done talking, they "sign off." 


Relays can distinguish commands from the text of your messages because commands 
are prefixed with a slash "/". For example, a HELP command would look like 
this: 
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VM/CMS: TELL RE 
VMS/JINET: SEND RE 


3 


AAY@UIUCVMD /HELP 
AAY@UIUCVMD "/HELP" 


x 


A message that is part of a conversation would be sent like so: 


VM/CMS: TELL RELAY 
VMS/JINET: SEND RELAY 


UIUCVMD Hello there! 
UIUCVMD "Hello there!" 


QO @w 


When you first start using Relay, you must register yourself as a Relay user 


using the /SIGNUP or /REGISTER commands: 


VM/CMS: TELL RELAY@UIUCVMD /REGISTER (Choose a name) 
VMS/JNET: SEND RELAY@UIUCVMD "/REGISTER (Choose a name)" 


way to check unless one o 


You can then sign on. You can use a nickname or handle. 


They want you to use your real name, do so if you want, 


but they really have no 


f the operators is a user consultant at your node and 
looks up your account. Just use names that look real and you’1ll be fine. 


In the following 


example, I am signing on to Channel 260 with a nickname of "KLightning": 


VM/CMS: TELL R 
VMS/JNET: SEND R 


r 
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AAY@UIUCVMD /SIGNON KLightning 260 
;AY@UIUCVMD "/SIGNON KLightning 260" 


You can then start sending the Relay the text of your messages: 


VM/CMS: ELL 
VMS/ JIN 


ve) 


,LAY@UIUCVMD Good evening. 
END RELAY@UIUCVMD "Good evening." 


GI 
=| 
n 


Relay messages will appear on your screen like this. Note the nickname near 
the beginning of the message. When you send conversational messages to the 
Relay, it automatically prefixes them with your nickname when it forwards it to 


the other users: 


FROM UIUCVMD (RELAY): <Taran_King> Hello KLightning. 


You can find out who is on your channel with a /WHO command. In the following 


xample, someone is listing the users on Channel 260. 


VM/CMS: TELL RELAY@UIUCVMD /WHO 260 
VMS/JINET: SEND RELAY@UIUCVMD "/WHO 260" 
The response from the Relay would look like this: 
FROM UIUCVMD (RELAY) Ch UserID @ Node Nickname 
FROM UIUCVMD (RELAY) 260 C483307@UMCVMB (KLightning) 
FROM UIUCVMD (RELAY) 260 MENTOR@PHOENIX (The_Mentor) 
FROM UIUCVMD (RELAY) 260 C488869@UMCVMB (Taran_King) 
FROM UIUCVMD (RELAY) 260 PROPHET@PHOENIX ( Prophet ) 
FROM UIUCVMD (RELAY) 260 DRAKE @WORMVM ( Sfd ) 
FROM UIUCVMD (RELAY) 260 JESTER@NDSUVM1 ( Sluggo ) 
FROM UIUCVMD (RELAY) 260 TUC@RACS3VM ( Tuc ) 
FROM UIUCVMD (RELAY) 260 VINNY @LODHVMA (Lex_Luthor) 
When you are done with your conversation, you can sign off the Relay: 


VM/CMS: TELL R 
VMS/JINET: SEND R 


x 


AAY@UIUCVMD /SIGNOFF or /BYE 


r5 


There are several commands for listing active channels, 


,LAY@UIUCVMD "/SIGNOFF" or "/BY 


sending private 


messages, and so on. When you first register as a Relay user, you will be sent 
documentation. You can also get this information with the /INFO command. To 
determine which Relay serves your area, send any of the Relays listed in 

BITNET SERVERS the /SERVERS command. Also, because of Bitnet message and file 
traffic limits, many Relays are only available during the evening and weekends. 


To help illustrate how the Relays work I have included this map; 
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[United States of America locations only] 


RELAY @ VILLVM 
(Philadelph) 
Villanova PA. 


RELAY @NDSUVM1 
(No_Dakota ) 
North Dakota 


RELAY @JPNSUT10 
( Tokyo ) 
Japan 


MASRELAY@ UBVM 
( Buffalo ) 
New York (N) 


ELAY @ WATDCS 
Waterloo ) 


ntario/E. Canada 


On wW 


ELAY @CANADAO1 
Canada0l ) 
ntario (Guelph) 


On D 


RELAY @UREGINA1 
( Regina_Sk ) 
Saskatoon/Manitoba 
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RELAY @UALTAVM 
( Edmonton ) 
Alberta/B.C. 


RELAY @PURCCVM 
( Purdue) 
Lafayette IN. 


RELAY @TECMTYVM 
(Monterrey ) 
Mexico 


Non-USA Relays | RELAY @ CLVM 
< | (TwiliteZne) 
/\\ | Potsdam N.Y. 
| 
| | 
| RELAY @ ORION | RELAY @ YALEVM 
| (New_Jersey) ) |----- | (Yale) 


New Jersey 


New Haven CT. 


RELAY @NYUCCVM 
( Nyu ) 
New York 


RELAY @ BITNIC 
( NewYork ) 
New York-Singapore 


CXBOB @ASUACAD 
(Tempe_Ariz) 
Arizona 


RELAY @ USCVM 
(LosAngeles) 
California 


RELAY @ UWAVM 
( Seattle ) 
Washington 


RLY @CORNELLC 
(Ithaca_NY ) 
New York 


556 @OREGON1 
( Oregon ) 
Oregon 


RELAY @ VTVM2 
( Va_Tech  ) 
Virginia 


RELAY @ UWF 
(Pensacola ) 
Florida 


RELAY @CMUCCVMA 
(Pittsburgh) 
Pennsylvania 


RELAY @ UTCVM 


(Tenness ) 
Tennessee 


RELAY @ GITVM1 
( Atlanta ) 
Georgia 


5.txt Wed Apr 26 09:43:37 2017 8 


| RELAY @ TCSVM | 


| RELAY @ TAMVM1 | | RELAY @UIUCVMD 
| (Aggieland ) [ees | (Urbana_IL ) [asaeae | ( Tulane ) 
| Texas | | Illinois | | New Orleans LA. | 


Conclusion 

So what lies beyond the boundaries of Bitnet? 
that are similar to Bitnet both in function and in services. 
these networks will be discussed in the next chapter of The Future Transcendent 


Saga -- Limbo To Infinity. 


There are many other networks 
How to mail to 


:Knight Lightning 
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American Institute of Physics 
American Physical Society 

American University 
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Annenberg Research Institute 
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Arizona State University 
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Auburn University 
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Baylor University 
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Biotechnology Research Center 
BITNET Network Information Center 
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Boise State University 

Boston College 

Boston University 
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Brookhaven National Laboratory 
Brown University 
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Bucknell University 


California Institute of Technology 
California Polytechnic State University-San Luis Obispo 
California State University 
Canisius College 

Carnegie Mellon University 

Case Western Reserve University 
Catholic University of America 
Catonsville Community College 
Central Michigan University 
Chemical Abstracts Service 

City University of New York CUNY 
Claremont Graduate School 

Clark University 

Clarkson University 

Clemson University 

Cleveland State University 

Cold Spring Harbor Laboratory 
Colgate University 

College of DuPage 
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the Holy Cross 
William and Mary 
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ate University 


Columbia Un 


iversity 
iversity Teachers College 
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Cornell Uni 
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Testing Service 
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University 

University Medical Center 


Georgia Institute of Technology 
Georgia State University 
Gettysburg College 

Grinnell College 

Gustavus Adolphus College 


Hampshire College 

Harvard University 

Harvey Mudd College 

Haverford College 

Hofstra University 

Howard University 

IBM Almaden Research Center 

IBM VNET Gateway 

IBM Watson Scientific Research Center Yorktown 
Illinois Institute of Technology 

Indiana University 
Indiana University of Pennsylvania 

Indiana University/Purdue University at Indianapolis 
Institute for Advanced Study 

Tona College 
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Iowa State University 
Ithaca College 


James Madison University 
Jersey City State College 
John Carroll University 
John Von Neumann Center 
Johns Hopkins University 


Kansas State University 
Kent State University 


Lafayette College 

Lawrence Berkeley Laboratory 
Lawrence University 

Le Moyne Colleg 

ehigh University 

Lewis and Clark College 

Long Island University 

Los Alamos National Laboratory 
Louisiana State University 
Louisiana State University Medical Center 
sxoyola College 

xoyola University of Chicago 


Macalester College 

Macomb Community College 

Manhattan College 

Maricopa County Community College District 
Marist College 

Marquette University 

Marshall University 

Massachusetts Institute of Technology 
Medical College of Ohio 

Medical College of Wisconsin 

Medical University of South Carolina 
Merit Computer Network 

Miami University 

Michigan State University 

Michigan Technological University 
Middlebury College 

Millersville University of Pennsylvania 
Mississippi State University 

Montana State University 

Montgomery College 

Mount Holyoke College 


NASA Goddard Institute for Space Studies 

National Academy of Sciences 

National Aeronautics and Space Administration 
National Astronomy and Ionosphere Center 

National Bureau of Standards 

National Center for Atmospheric Research 

National Institute of Environmental Health Sciences 
National Institutes of Health 

National Radio Astronomy Observatory 

National Science Foundation 

Naval Health Sciences Education and Training Command 
Naval Postgraduate School 
New Jersey Educational Computer Network 

New Jersey Institute of Technology 

New Mexico State University 

New York State College of Ceramics at Alfred University 
New York University 

North Carolina State University 

North Dakota Higher Education Computer Network 
Northeast Missouri State University 

Northeastern University 
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Northern Arizona University 
Northern Illinois University 
Northwestern University 
Norwich University 


Oak Ridge National Laboratory 
Oakland Community College 

Oberlin College 

Ohio State University 

Ohio University 

Ohio Wesleyan University 

Oklahoma State University 

Old Dominion University 

Online Computer Library Center (OCLC) 
Oregon State University 


Pace University Pleasantville-Briarcliff Campus 
Pacific Lutheran University 
Pan American University 
Pennsylvania State University 
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Portland State University 
Pratt Institute 

Princeton University 

Purdue University 


Radford University 

Reed College 

Regents Computer Network 
Rensselaer Polytechnic Institute 
Research Libraries Group 

Rhodes College 

Rice University 

Rochester Institute of Technology 
Rockefeller University 
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Rose-Hulman Institute of Technology 
Rutgers University 


Saint Louis University 

Saint Mary’s University of San Antonio 

Saint Michael’s College 
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Salk Institute 

Sam Houston State University 

Samford University 

San Diego Supercomputer Center 

Santa Clara University 

Seton Hall University 

Shriners Hospital for Crippled Children 

Skidmore College 
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Smithsonian Institution 
th Dakota State University 
theast Regional Data Center/FIU 
theastern Massachusetts University 

Southern Illinois University 
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Texas State University 

Space Telescope Science Institute 

St. Lawrence University 

Stanford Linear Accelerator Center 
Stanford Synchrotron Radiation Laboratory 
Stanford University 
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New York College at New Paltz 

New York College at Old Westbury 

New York College at Oneonta 

New York College at Oswego 

New York College at Plattsburgh 

New York College at Potsdam 

New York College of Technology at Alfred 
New York College of Technology at Delhi 
State University New York Health Science Center at Brooklyn 
State University System of Minnesota System Office 

Stephen F. Austin State University 
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Tarleton State University 

Temple University 

Tennessee Technological University 

Texas A&M University 

Texas Christian University 

Texas Tech University 

The Center for Cultural and Technical Exchange Between East and West 
The Citadel, The Military College of South Carolina 

The Jackson Laboratory 

The World Bank 
Towson State University 

Transylvania University 

Trenton State College 

Triangle Universities Computation Center 
Triangle Universities Nuclear Laboratory 
Trinity College 

Trinity University 

Tufts University 

Tulane University 


Uniformed Services University of the Health Sciences 
Union College 

United States Environmental Protection Agency 
United States Geological Survey 

University of Akron 

University of Alabama 

University of Alabama at Birmingham 
University of Alaska 

University of Arizona 

University of Arkansas 

University of Arkansas at Little Rock 
University of Arkansas for Medical Sciences 
University of California 

University of California Berkeley 
University of California Davis 

University of California Irvine 

University of California Los Angeles 
University of California Riverside 
University of California San Diego 
University of California San Francisco 
University of California Santa Barbara 
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Getting Serious About VMS Hacking 
by VAXbusters International 


January 1989 


The VAX/VMS operating system is said to be one of the most secure systems 
currently available. It has been massively extended in the past to provide 
features which can help system managers getting their machines locked up to 
abusers and to trace back any attempts to indiscriminate system security. As 
such, it is not easy getting into VMS machines now without having insider 
information, and it’s even harder to stay in. 


[The following article describes some of the internals which make up the VMS 
security features, and tries to give hints what to do to remain undiscovered. 
The reader should be familiar with the VMS system from the programmer’s point 
of view. 


Some of the things mentioned are closely related to the internal workings of 
the VAX/VMS operating system. All descriptions are held as general as 
possible. It is tried to point out where weak points in the system are 
located, not to give step-by-step instructions on how to hack VMS machines. 
The main reason for this is, that it is very hard to remain undiscovered in a 
VMS system without having good knowledge of the whole system. This knowledge 
is only aquirable by experienc 


To use some of the techniques described herein, some literature is recommended: 


"The VAX Architecture Handbook," published by DEC. This book describes 
the VAX processor, it’s instruction set and it’s hardware. It is a good 
book to have on your desk, since it costs nothing (just go to your local 
DEC store and ask for it) and is only in paperback format. 


"MACRO and Instruction Set," part of the VMS documentation kit. This is 
needed only if you want to program bigger things in MACRO. It’s 
recommended reading, but you don’t need to have it on your own normally. 


"VAX/VMS Internals and Data Structures" by L.Kenah and S.Bate. This is 
the bible for VMS hackers. It describes the inner workings of the system 
as well as most of the data structures used within the kernel. The 
Version published always is one version number behind the current VMS 
release, but as the VAX architecture doesn’t change, it is the best source 
on a description how the system works. After you’ve read and understood 
this book, the VAX won’t look more mysterious than your C64. You can 
order this book from DEC, the order number for the V3.0 version of the 
book is EY-00014-DP. The major drawback is the price, which is around 
$70-$100. 


A good source of information naturally is the source code of the VMS system. 
The easiest way to snoop around in it is to get the microfiche set, which is 
delivered by DEC to all bigger customers of the system. The major disadvantage 
is that you need a fiche reader to use it. The fiche is needed if 
modifications to the system code are intended, unless you plan to disassemble 
everything you need. The VMS system is written in BLISS-32 and FORTRAN. BLISS 
is quite readable, but it might be worthwhile having a FORTRAN hacker around if 
you intend to do patch any of the programs implemented in FORTRAN. The source 
fiche always contains the current release, so it’s useful to check if the 
information in "Internals and Data Structures" is still valid. 


Hacker’s Tools 


[There are several programs which are useful when snooping around on a VMS 
system. 


7 


he most important utility might be the System Dump Analyzer (SDA), which is 
started with the command ANALYZE/SYSTEM. Originally, SDA was developed to 
analyze system crash dumps, which are created every time the machine crashes in 
a ’controlled’ manner (bugcheck or opcrash). SDA can also be used to analyze 
t 
t 


he running system, which is the more useful function. A process which wants 

o run SDA needs the CMKRNL privilege. With SDA, you can examine any process 
and find out about accessed files and devices, contents of virtual memory (like 
typeahead and recall buffers), process status and more. SDA is a watching 
tool, so you normally can’t destroy anything with it. 


Another helpful tool is the PATCH utility, called up by the command PATCH. As 
VMS is distributed in a binary-only fashion, system updates are normally 
distributed as patches to binaries. PATCHES can be entered as assembler 
statements directly. Combined with the source fiche, PATCH is a powerful tool 
for your modifications and improvements to the VMS operating system. 


Privileges 

To do interesting things on the VMS system, you normally need privileges. The 
following lists describes some of the privileges which are useful in the 
onliner’s daily life. 


CMKRNL 

CMEXEC These two privileges enable a user to execute arbitrary routines with 
KERNEL and EXECUTIVE access mode. These privileges are needed when on 
plans to access kernel data structures directly. CMKRNL is the most 
powerful privilege available, everything which is protected can be 
accessed utilizing it. 


SYSPRV A process which holds this privilege can access objects via the system 
protection. A process holding the this privilege has the same access 
rights as a process running under a system UIC. 


SHARI 


Gl 


This allows a process to assign channels to nonshareable devices which 
already have channels assigned to them. This can be used to prevent 
terminal hangups and to assign channels to system mailboxes. 


Process States And The Process Control Block 

When you get into kernel hacking, you should pay special attention to the field 
PCBSL_STS. This field tells about the process status. Interesting bits are 
PCBSV_DELPEN, PCBSV_NOACNT and PCBSV_BATCH. There can be achieved astonishing 
effects by setting these bits. 


Hideout 

A nice possibility to have is to be unseen by a system manager. There are many 
ways to get invisible to SHOW USERS, but hiding from SHOW SYSTEM is another 
story, as it doesn’t even use standard system calls to get a list of the 
currently running processes. And in fact, hiding from SDA is even harder, 
Since it directly peeks kernel data structures. Anyway, being invisible to 


SHOW USERS is useful on small systems, where one user more could ring the alarm 
bell of the system operator. 

One possibility to do this is to become a subprocess of some non-interactive 
job (like a BATCH or NETWORK process). The other way is to patch the PCB to 
become a BATCH process or to delete the terminal name (which makes SHOW USERS 
think you are non-interactive as well). Patching the PCB has a disadvantage: 
The system global variable SYSSGW_IJOBCNT which contains the number of 
interactive users must be directly decremented before you hide, and MUST be 
incremented before you log out. 
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If you forget this, the interactive job count will be wrong. If it becomes 
negative, strange effects will show up, which will confuse every system 
manager. 


Accounting And Audits 
The most nasty thing about VMS since release 4.2 is the security auditing 
feature. It enables the system manager to log almost every security relevant 
vent he desires. For example, access to files, login failures and 
modification user authorization data base can all be monitored, logged and 
written to the system printer. The first thing to find out in a new, unknown 
system is the awareness of the system management. The status of the accounting 
system is easily determinable by the command SHOW ACCOUNTING. Normally, 
everything except IMAGE accounting is enabled. When IMAGE accounting is also 
enabled, this is the first hint to be careful. The second thing to check out 
is the status of the security auditing system. You need the SECURITY privilege 
to execute the command SHOW AUDIT. 


If no audits are enabled, and image accounting is not turned on, the system 
normally is not set up to be especially secure. Such systems are the right 
playground for a system hacker, since one doesn’t have to be as careful as one 
has to be on a correctly managed system. 


Accounting 

The main intention for running accounting on a system is the need to charge 
users for resources (cpu time, printer usage etc.) they use on the machine. On 
the other hand, accounting can be very useful to track down invaders. Luckily, 
accounting information is being logged in the normal file system, and as such 
one can edit out information which isn’t supposed to be seen by sneaky eyes. 
The most important utility to handle accounting files is, naturally, the 
ACCOUNTING utility. It has options to collect information which is stored in 
accounting files, print it in a human readable manner, and, most importantly, 
edit accounting files. That is, you can edit all information out of an 
accounting file which you don’t want to appear in reports anymore. The 
important qualifier to the ACCOUNTING command is /BINARY. 


File Access Dates 

One way for system managers to discover unwanted guests is to look out for 
modified system files. Fortunately, there are ways to modify the modification 
dates in a file’s header. This can be done with RMS system calls, but there is 
no easy way to do that with pure DCL. There are several utilities to do this 
kind of things in the public domain, so look out in the DECUS catalog. 


OPCOM is a process which logs system and security relevant events (like tape 
and disk mount transactions, security auditing messages etc.). OPCOM receives 
messages via a mailbox device, formats them, logs the event in the operator 
logfile (SYSSMANAGER:OPERATOR.LOG) and notifies all operators. Additionally, 
it sends all messages to it’s standard output, which normally is the system 
console device _OPAO:. When OPCOM is started, one message is sent to the 
standard output announcing that the operator logfile has been initialized. 
Thus, it’s not recommended to kill OPCOM to remain undiscovered, since the 
system manager most likely will get suspicious if the operator logfile has been 
initialized without an obvious reason. The elegant solution to suspend OPCOM, 
for the time where no operator messages shall come through. While OPCOM is 
suspended, all messages will be buffered in the mailbox device, wher very 
process with sufficient privilege can read them out, thus avoiding that OPCOM 
reads those messages after it is restarted. 


There is one problem with this solution though: OPCOM always has a read 
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pending on that mailbox, and this read will be there even if the OPCOM process 
is suspended. Unless you’re heavily into kernel hacking, there is no way to 
get rid of this read request. As such, the easy solution is to generate an 
unsuspicious operator message aS soon as OPCOM is suspended. Afterwards, your 
own process (which can be a DCL procedure) reads all subsequent messages off 
the OPCOM mailbox until you feel save enough to have OPCOM resume it’s work. By 
the way, the OPCOM message mailbox is temporary and has no logical name 
assigned to it. You’1l need SDA to get information about the device nam 


Command Procedures 


Timely, you’1ll need DCL procedures to have some routine work done 


automatically. It is important not to have strange command procedures lying 
around on a foreign system, since they can be easily read by system managers. 
Fortunately, a command file may be deleted while someone is executing it. It 


is good practice to do so, utilizing the lexical function FSENVIRONMENT. If 
you need access to the command file itself from the running procedure, just 
assign a channel to it with OPEN. 


Piggy-Backing 

It’s not normally a good idea to add new, possibly privileged accounts to a 
foreign system. The better approach is to to use accounts which have been 
unused for some months and to hide privileged programs or piggybacks which gain 
privilege to the caller by some mechanism. A piggyback is a piece of code 
which is added to a privileged system program, and which gives privileges 
and/or special capabilities to callers which have some kind of speciality (like 
a special process name, for example). Be careful not to change file sizes and 
dates, since this makes people suspicious. 


Conclusion 


This file just tries to give an impression how interesting VMS kernel hacking 
can be, and what possibilities there are. It of course is not complete, and 
many details have been left out. Hopefully, it has been useful and/or 
interesting lecture. 


(C)opyright 1989 by the VAXBusters International. 
You may give around this work as long as you don’t pretend you wrote it. 
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Unlike most Americans, who suspect it, Sarah Bartlett at least knows she was 
overheard by an F.B.1I. wiretap in the computer room of the Internal Revenue 
Service Building in Washington, across the street from the Justice Department. 
On April 25, as she sat at her card-punch machine, the postman handed her a 
registered letter containing a document known in police circles as a "wiretap 
notice." It told her that the Government had been given permission to 
intercept wire communications "to and from" two Washington telephones for a 
period of fifteen days after January 13, and that during this period her own 
voice had been heard talking to the parties on those phones. Miss Bartlett 
said nothing to the other girls in the computer room, but she must have been 
stunned. A few weeks later, federal agents came to the computer room and took 
her away, to face a variety of charges that amounted to being a runner for a 
numbers game. 


There are no figures to disclose how many Americans have received such wiretap 
messages, and few people who have gotten them have spoken out. But the number 
could be over 50,000 by now. When Congress enacted the requirement in 1968 
that notice of wiretap be given, it intended to sweep away the growing sense of 
national paranoia about electronic snoopery. But there seems to be an unabated 
national suspicion that almost everybody who is anybody is being tapped or 
bugged by somebody else. Herman Schwartz, a Buffalo, New York, law professor 
who is the American Civil Liberties Union’s expert on Governmental 
eavesdropping, estimates that since 1968 between 150,000 and 250,000 Americans 
have been overheard by the Big Ear of the Federal Government or local police. 
"If you have anything to do with gambling or drugs, or if you’re a public 
official involved in any hanky-panky and if you’re a Democrat, or if you or 
your friends are involved in radical politics or black activism, you’ve 
probably been bugged," Professor Schwartz says. 


Henry Kissinger wisecracks to friends that he won’t have to write his memoirs, 
he’1l just publish the F.B.1I.’s transcripts of his telephone calls. Richard G. 
Kleindienst has had his Justice Department office "Swept." Secretary of State 
William P. Rogers once shied away from discussing China policy over a liberal 
newspaper columnist’s line. High-ranking officials in New York, Washington and 
Albany have been notified by the New York District Attorney’s office that they 
may become targets of blackmailers because their visits to a swanky Manhattan 
whorehouse were recorded on hidden bugs. The technician who regularly sweeps 
the office of Maryland Governor Marvin Mandel, checking the Civil Defense 
hot-line telephone he had been instructed not to touch, recently found it was 
wired to bug the room while resting on the hook. Democratic officials waxed 
indignant over the five characters with Republican connections who were caught 
attempting to bug the Democratic National Committee headquarters in the 
Watergate hotel, but when they had earlier found less conclusive proof of the 
same kind of activity, they let it pass without public comment. The Omnibus 
Crime Control Act of 1968 makes it a crime, punishable by five years in jail 
and a $10,000 fine, to eavesdrop on a telephone call or a private conversation 
without a court order. Only federal law-enforcement officials and local 
prosecutors in states that have adopted similar wiretap legislation can get 
court permission to wiretap, and the law requires that within ninety days after 
a listening device is unplugged, wiretap notices must be sent to everyone whos 
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phones or premises were bugged, plus anyone else (like Sarah Bartlett) who was 
overheard and might later be prosecuted because of it. 


However, because of some private investigators and snoopy individuals nobody 
knows how many are ignoring the law against eavesdropping and getting away with 
it, and because none of the rules governing court-approved wiretapping in 
ordinary criminal investigations applies to the Federal Government’s 
warrantless wiretapping in the name of "national security," no one can be 
certain his phone is safe. Before the Supreme Court ruled, 8 to 0, last June 
that the Government must get warrants for its wiretapping of domestic radicals 
in national-security cases, the F.B.I. wiretapped both homegrown and foreign 
"subversives" without court orders. The best estimates were that this 
accounted for between 54,000 and 162,000 of the 150,000 to 250,000 people who 
were overheard since 1968. 


With warrantless wiretapping of domestic radicals now outlawed, the number of 
persons overheard on warrantless devices is expected to be reduced by about one 
fourth. But even with the courts requiring that more Government bugging be 
reported to the victims, paranoia is fed by improved technology. Bugging has 
now developed to the point that it is extremely difficult to detect, and even 
harder to trace to the eavesdropper. The hottest item these days is the 
telephone "hook-switch bypass," which circumvents the cutoff switch on a phone 
and turns it into a sensitive bug, soaking up all the sounds in the room while 
the telephone is sitting on its cradle. In its most simple form, a little 
colored wire is added to the jumble of wires inside a telephone and it is about 
as easy to detect as an additional strand in a plate of spaghetti. Even if it 
is found, the eavesdropper probably won’t be. A check of the telephone lin 
would most likely turn up a tiny transmitter in a terminal box elsewhere in the 


building or somewhere down the street on a pole. This would probably be 
broadcasting to a voice-activated tape recorder locked in the trunk of a car 
parked somewhere in the neighborhood. It would be impossible to tell which one 
it was. 


My wife happened to learn about this at the time last year when The New York 

Times locked horns with the Justice Department over the Pentagon Papers, and I 
was covering the story for The Times. She became convinced that John Mitchell 
would stop at nothing and that the telephone in our bedroom was hot as a poker. 
After that, whenever a wifely chewing-out or amorous doings were brewing, I was 


always forewarned. If anything was about to happen in the bedroom too 
sensitive for the outside world to hear, my wife would first rise from the bed, 
cross the room, and ceremoniously unplug the telephone. "When someone finds out 


somebody else learned something they didn’t want them to know, they usually 
jump to the conclusion they’ve been bugged," says Allan D. Bell Jr., president 
of Dektor Counterintelligence and Security Inc., in Springfield, Virginia, 
outside Washington. "If they thought about it, there was probably some other, 
easier way it got out." 


Bell’s point is that most people get information in the easiest, cheapest and 
most legal way, and that the person whose secrets have been compromised should 
consider first if he’s thrown away carbons, left his files unlocked, hired a 
secretary who could be bribed, or just talked too much. There’s an important 
exception, however, that many people don’t know about. A party to a 
conversation can secretly record it, without violating any law. A person on 
one end of a telephone call can quietly record the conversation (the old legal 
requirement of a periodic warning beep is gone). Also, one party to a 
face-to-face conversation can secret a hidden recorder in his clothing. James 
R. Robinson, the Justice Department lawyer in charge of prosecuting those who 
get caught violating the anti-bugging law, insists that it is relatively rarely 
broken. He debunks the notion that most private eavesdropping is done in the 

xecutive suites of big business. Sex, not corporate intrigue, is behind 
ninety percent of the complaints he gets. After giving the snoopy spouse or 
lover a good scare, the Government doesn’t even bother to prosecute 
do-it-yourself wiretappers. If a private investigator did the bugging, they 
throw the book at him. 


Cost is the reason why experts insist there’s less wiretapping than most people 
think. Private investigators who use electronic surveillance don’t quote their 
prices these days, but people in the de-bugging business say the cost can range 
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from $10,000 per month for a first-rate industrial job to $150 per day for the 
average private detective. 


High costs also limit Government wiretapping. Last year the average F.B.I. tap 
cost $600 per day, including installing the device, leasing telephone lines to 
connect the bugs to F.B.I. offices, monitoring the conversations and typing the 
transcripts. Considering the informative quality of most persons’ 
conversations, it isn’t worth it. Court records of the F.B.I.’s surveillances 
have demonstrated that when unguarded conversations are recorded, the result is 
most likely to be a transcript that is uninformative, inane or 
incomprehensible. 


The folklore of what to do to thwart electronic surveillance is almost 
uniformly misguided or wrong. Robert F. Kennedy, when he was Senator, was said 
to have startled a visitor by springing into the air and banging his heels down 
onto his office floor. He explained this was to jar loose any bug J. Edgar 
Hoover might have planted. Whether he was teasing or not, experts say it 
wouldn’t have done anything except bruise Senator Kennedy’s heels. Former 
Senator Ralph Yarborough of Texas used to complain that, as each election 
season approached, the reception in his office phone would fade as the current 
was sapped by the multiple wiretaps installed by his political enemies. Those 
people who think poor reception and clicking on the line are due to wiretapping 
are giving wiretappers less credit and AT&T more, than either deserves. 
Present-day wiretaps are frequently powered by their own batteries, or they 
drain so little current that the larger normal power fluctuations make them 
undetectable, even with sensitive current meters. 


Clicks on the line can be caused by loose connections in the phone, cables, or 
central offic quipment, wet cables, defective switches in the central office, 
and power surges when batteries in the central office are charged. A 
sophisticated wiretap records conversations on a machine that turns itself 


silently on and off as you speak. The tap is designed to work without 
extraneous noises; your telephone isn’t. If things you say in private or on 
the telephone seem to be coming back to you from unlikely sources, your first 


step should be to make a careful check of the room or rooms that might be 
bugged. 


If the Federal Government is doing the eavesdropping, neither you nor any but 


the most experienced antibugging experts will detect it. Nobody has discovered 
a Justice Department wiretap for years, because the telephone company itself 
often taps the line and connects it to an FBI listening post. FBI bugs have 


become so sophisticated that the normal sweep techniques won’t detect them, 
either. But the kind of eavesdropping that is being done by many private 
investigators is often so crude that even another amateur can find it. Room 
bugs come in two types: tiny microphones that send their interceptions to the 
outside by wire, and little radio transmitters that radio their overhearings to 
the outside. 


Both are likely to be installed in electrical fixtures, because their power can 
be borrowed, their wires can be used to transmit the conversations to the 
listening post, and the fixtures’ electrical innards serve as camouflage for 
the electric bugs. Your telephone has all these attributes, plus three 
built-in amplifiers the eavesdropper can borrow. You should first remove the 
plastic cover from your telephone’s body and check inside for a wire of odd 
size or shape that seems to cut across the normal flow of the circuits. A bug 
or radio transmitter that feeds on your telephone’s power and amplifiers will 
be a thimble-sized cylinder or cube, usually encased in black epoxy and wired 
into the circuit terminals. 


Also check for the same devices along the telephone lines in the room or in the 
jack or box where the phone is attached to the baseboard. You should also 
unscrew the mouthpiece and earpiece to check for suspicious wires or objects. 
Even an expert would not detect a new item that’s being sold illegally, a 
bugged mouthpiece that looks just like the one now in your telephone, and which 
can be switched with yours in a few seconds. After the phone check, look for 
suspicious little black forms wired into television sets, radios, lamps and 
clocks. 
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Also check heating and air-conditioning ducts for mikes with wires running back 
into the ducts. Radio transmitter bugs that have their own batteries can be 
quickly installed, but they can also be easier to find. Check under tables and 
chairs, and between sofa cushions. Remember they need to be near the point of 
likely conversations to assure good reception. Sometimes radio bugs are so 
cleverly concealed they are almost impossible to detect. A German manufacturer 
advertises bugged fountain pens that actually write, table cigarette lighters 
that actually light, and briefcases that actually carry briefs. 


Noting that the owner of such items can absent himself from delicate 
negotiations and leave his electronic ear behind, the company observes that 
"obviously, a microphone of this type opens untold opportunities during 
conferences, negotiations, talks, etc." If you suspect that your telephone has 
been tapped and your own visual inspection shows nothing, you can request the 
telephone company to check the line. The American Telephone and Telegraph 
Company estimates it gets about ten thousand requests from customers per year 
to check out their lines. These checks, plus routine repair service, turn up 
evidence of about two hundred fifty listening devices each year. When evidence 
of a tap is found, the company checks with the FBI and with local police in 
states where the laws permit police wiretapping with court orders. Until 
recently, if the tap was a court-approved job, the subscriber was assured that 
"no illegal device" was on the line. This proved so unsettling to the persons 
who requested the checks that now the telephone company says it tells all 
subscribers about any taps found. If this includes premature tidings of a 
court-approved FBI tap, that’s a hassle that AT&T is content to leave to the 
Government and its suspect. 


For those who have done the above and are still suspicious, the next step up in 
defensive measures is to employ an expert to de-bug your premises. A thorough 
job involves a minute inspection of the premises, including X-ray pictures of 
desk ornaments and other items that might contain hidden radio transmitters, 

the use of metal detectors to search out hidden microphones, checks of the 
electrical wiring for signs of unusual currents, and the use of a sensitive 
radio-wave detector to find any stray transmissions that a hidden bug might be 
giving out, plus employment of a radio field-strength meter to locate the bug. 


With so much expertise required to do a sound detection job, and with no 
licensing requirements in most states to bar anybody from clapping on earphones 
and proclaiming himself an expert de-bugger, it is not surprising that the 
field abounds with quacks. A Pennsylvania construction company that had lost a 
series of close bids hired a local private detective last year to sweep its 
boardroom for bugs. The company’s security chief, taking a dim view of the 
outside hotshot, took an ordinary walkie-talkie, taped its on-button down for 
steady transmission, and hid it behind the books on a shelf. He sat in a room 
down the hall and listened as the detective clumped into the room, swept around 
with his electronic devices, and pronounced the room clean. 


Sometimes bogus de-buggers will give clients something extra for their money by 
planting a device and finding it during their sweep. One "expert" tried this 
twice in Las Vegas with organized-crime figures, who later compared notes and 
concluded they’d been taken. "Boy, was he sorry," chortled the Justice 
Department attorney who related the story. If you nevertheless want to have 
your place swept, things are complicated by the telephone company’s ban on 
advertising by de-buggers. 


As the Missouri Public Service Commission put it when it upheld the telephon 
company’s refusal to include "de-bugging" in a detective’s yellow-page ad, 
"advertising the ability to detect and remove electrical devices was, in fact, 
also advertising the ability to place those same devices. Anyone can be pretty 
certain of a reliable job by trying one of the major national detective 


agencies, Burns, Pinkerton or Wackenhut. They charge $40 to $60 per man-hour, 
for a job that will probably take two men a half day at least. They specialize 
in industrial work and shy away from domestic-relations matters. So if that’s 


your problem, ask a lawyer or police official which private investigator in 
town is the most reliable de-bugger around. 


It may seem too obvious to bear mentioning, but don’t discuss your suspicions 
about eavesdropping in the presence of the suspected bug. W. R. Moseley, 
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director of the Burns agency’s investigations operations, say in probably a 

majority of the cases, a bugging victim tips off the eavesdropper that he’s 

going to call in a de-bugger, thus giving the eavesdropper an opportunity to 
cover his tracks. 


For the person who wants to have as much privacy as money can buy, the Dektor 
company is marketing a console about the size of a Manhattan telephone book 
which, for only $3,500, you can purchase to sit on your office desk and run a 
constant check on the various things that might be done to your telephone and 
electric lines to overhear your conversations. It will block out any effort to 
turn your phone into a bug, will detect any harmonica bug, smother out any 
telephone tap using a transmitter to broadcast overheard conversations, detect 
any use of the electric lines for bugging purposes, and give off a frantic 
beep-beep! if anyone picks up an extension phone. 


As sophisticated as this device is, there is one thing its promoters won’t say 
it will do, detect a wiretap by the FBI. With the connection made in a place 


where no de-bugger will be allowed to check, and the G-men monitoring it on 
equipment no meter will detect, you can simply never know if the Government is 
listening. So if you’re a businessman and think you’re bugged by competitors, 
you’re probably wrong. If you’re a spouse or lover whose amours have gone 


public, the listening device can be found but probably nothing will be done 
about it. And if you’re being listened to by the Biggest Ear of all, the 
Government, you’ll never really know until you get your "wiretap notice." 


VaxCat 
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The United States Government is monitoring the message activity on several 
bulletin boards across the country. This is the claim put forth by Glen L. 
Roberts, author of "The FBI and Your BBS." The manuscript, published by The 
FBI Project, covers a wide ground of FBI/BBS related topics, but unfortunately 
it discusses none of them in depth. 


It begins with a general history of the information gathering activities of the 
FBI. It seems that that the FBI began collecting massive amounts of 
information on citizens that were involved with "radical political" movements. 
This not begin during the 1960’s as one might expect, but rather during the 
1920’s! Since then the FBI has amassed a HUGE amount of information on 
everyday citizens... citizens convicted of no crime other than being active in 


some regard that the FBI considers potentially dangerous. 


After discussing the activities of the FBI Roberts jumps into a discussion of 
why FBI snooping on BBS systems is illegal. He indicates that such snooping 
violates the First, Fourth, and Fifth amendments to the Constitution. But he 
makes his strongest case when discussing the Electronic Communications Privacy 
Act of 1987. This act was amended to the Federal Wiretapping Law of 1968 and 
was intended to protect business computer systems from invasion by "hackers." 
But as with all good laws, it was written in such broad language that it can, 
and does, apply to privately owned systems such as Bulletin Boards. Roberts 
(briefly) discusses how this act can be applied in protecting *your* bulletin 
board from snooping by the Feds. 


How to protect your BBS: Do NOT keep messages for more than 180 days. Because 
the way the law is written, messages less then 180 days old are afforded more 
protection then older messages. Therefore, to best protect your system purge, 
archive, or reload your message base about every 150 days or so. This seems 
silly but will make it harder (more red tape) for the government to issue a 
search warrant and inform the operator/subscriber of the service that a search 


will take place. Roberts is not clear on this issue, but his message is stated 
emphatically... you will be better protected if you roll over your message base 
sooner. 


Perhaps the best way to protect your BBS is to make it a private system. This 
means that you can not give "instant access" to callers (I know of very few 
underground boards that do this anyway) and you can not allow just anyone to be 
a member of your system. In other words, even if you make callers wait 24 
hours to be validated before having access you need to make some distinctions 
about who you validate and who you do not. Your BBS needs to be a PRIVATE 
system and you need to take steps to enforce and proclaim this EXPECTED 
PRIVACY. One of the ways Roberts suggests doing so is placing a message like 
this in your welcome screen: 


"This BBS is a private system. Only private citizens who are not 
involved in government or law enforcement activities are authorized 
to use it. The users are not authorized to divulge any information 
gained from this system to any government agency or employee." 
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Using this message, or one like it, will make it a criminal offens (under th 
ECPA) for an FBI Agent or other government snoop to use your BBS. 


The manuscript concludes with a discussion of how to verify users and what to 
do when you find an FBI agent using your board. Overall, I found Roberts book 


to be moderately useful. It really just whetted my appetite for more 
information instead of answering all my questions. If you would like a copy of 
the book it sells for $5.00 (including postage etc). Contact; 


HE FBI PROJECT 
Box 8275 
Ann Arbor, MI 48107 


Visa/MC orders at (313) 747-7027. Personally I would use a pseudonym when 
dealing with this organization. Ask for a catalog with your order and you will 
see the plethora of anti-FBI books this organization publishes. Undoubtedly 
the FBI would be interested in knowing who is doing business with this place. 
The manuscript, by the way, is about 20 pages long and offers references to 
other FBI expose’ information. The full citation of the EPCA, if you want to 
look it up, is 18 USC 2701. 


Additional Comments: The biggest weakness, and it’s very apparent, is that 
Roberts offers no evidence of the FBI monitoring BBS systems. He claims that 
they do, but he does not give any known examples. His claims do make sense 
however. As he states, BBS’s offer a type of "publication" that is not read by 
any editors before it is "published." It offers an instant form of news and 
one that may make the FBI very nervous. Roberts would do well to include some 
supportive evidence in his book. To help him out, I will offer some here. 


* One of the Ten Commandments of Phreaking (as published in the 
famous TAP Magazine) is that every third phreaker is an FBI agent. 
This type of folklore knowledge does not arise without some kind of 
justification. The FBI is interested in the activities of phreakers 
and is going to be looking for the BBS systems that cater to them. If 
your system does not, but it looks like it may, the FBI may monitor it 
just to be sure. 


n April 26, 1988 the United States Attorney’s Office arrested 19 
eople for using MCI and Sprint credit card numbers illegally. These 
umbers were, of course, "stolen" by phreakers using computers to hack 
hem out. The Secret Service was able to arrest this people by posing 
s phone phreaks! In this case the government has admitted to placing 
gents in the field who pretend to be one of us. Watch yourself out 
here, the success of this "sting" will only mean that they will try 

t again. Be wary of people offering you codes. 


bt ootdsdo 


n the famous bust of the Inner Circle and the 414s, the FBI monitored 
lectronic mail for several months before moving in for the kill. 

hile it is true that the owners of the systems being hacked (Western 
nion for one) invited the FBI to snoop through their files, it does 
stablish that the FBI is no stranger to the use of electronic 

nooping in investigating crimes. 


noQGQianH 


Conclusion: There is no reason to believe that the government is *not* 
monitoring your bulletin board system. There are many good reasons to believe 
that they are! Learn how to protect yourself. There are laws and regulations 
in place that can protect your freedom of speech if you use them. You should 
take every step to protect your rights whether or not you run an underground 
system or not. There is no justification for the government to violate your 
rights, and you should take every step you can to protect yourself. 


I have no connections with Roberts, his book, or The FBI Project other then 


being a mostly-satisfied customer. I’m not a lawyer and neither is Roberts. 
No warranty is offered with this text file. Read and use it for what you think 
it is worth. You suffer the consequences or reap the benefits. The choice is 


yours, but above all stay free. 
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Back To The Present 


Welcome to Phrack World News Issue XXIII. This issue features stories on 
the Chaos Computer Club, more news about the infamous Kevin Mitnick, and 
details about an Australian-American hackers ring that has been shut down. 


I also wanted to add a big "thanks" to those of you who did send in news 
stories and information. Your help is greatly appreciated. 


:Knight Lightning 


Armed With A Keyboard And Considered Dangerous December 28, 1988 
A follow-up story to the Kevin Mitnick case in the December 24, 1988 edition of 
the Los Angeles Times says the federal magistrate refused to release Mitnick on 
bail December 23, 1988; 


"after prosecutors revealed new evidence that Mitnick penetrated a 
National Security Agency computer and may have planted a false story 
on a financial news wire...." 


Investigators believe that Mitnick may have been the instigator of a false 
report released by a news service in April that Security Pacific National Bank 
lost $400 million in the first quarter of 1988. The report, which was released 
to the NY Stock Exchange and other wire services, was distributed four days 
after Mitnick had been turned down for a job at Security Pacific [after the 
bank learned he had lied on a job application about his past criminal record]. 
The false information could have caused huge losses for the bank had it reached 
investors, but the hoax was uncovered before that could happen. 


The prosecutor said Mitnick also penetrated a NSA computer and obtained 
telephone billing data for the agency and several of its employees. 


In refusing bail, the magistrate said,] "I don’t think there’s any conditions 
the court could set up based upon which the court would be convinced that the 
defendant would be anything other than a danger to the community.... It sounds 


like the defendant could commit major crimes no matter where he is." 


Mitnick’s attorney said prosecutors have no evidence for the new accusations. 


Dark Side Hacker Seen As Electronic Terrorist January 8, 1989 


By John Johnson Los Angeles Times 
"Computer an ’Umbilical Cord to His Soul" 
When a friend turned him in and Mitnick asked why, the friend replied, "Becaus 


you’re a menace to society." Mitnick is described as 25, an overweight, 
bespectacled computer junkie known as a "dark side" hacker for his willingness 
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to use the computer as a weapon. His high school computer hobby turned into a 
lasting obsession. 


He allegedly used computers at schools and businesses to break into Defense 
Department computer systems, sabotage business computers, and electronically 
harass anyone -—- including a probation officer and FBI agents -- who got in his 
way. 


He also learned how to disrupt telephone company operations and disconnected 
the phones of Hollywood celebrities such as Kristy McNichol, authorities said. 


So determined was Mitnick, according to friends, that when he suspected his 
home phone was being monitored, he carried his hand-held keyboard to a pay 
phone in front of a 7-Eleven store, where he hooked it up and continued to 
break into computers around the country. "He’s an electronic terrorist, said 
[the friend who turned him in], "He can ruin someone’s life just using his 
fingers." 


Over the last month, three federal court judges have refused at separate 
hearings to set bail for Mitnick, contending there would be no way to protect 
society from him if he were freed. Mitnick’s lack of conscience, authorities 
say, makes him even more dangerous than hackers such as Robert Morris Jr., who 
is suspected of infecting computer systems around the country with a "virus" 
that interfered with their operations. 


Mitnick’s family and attorney accuse federal prosecutors of blowing the case 
out of proportion, either out of fear or misunderstanding of the technology. 


The story details his "phone phreak" background, and his use of high school 
computers to gain access to school district files on remote computers, where he 
didn’t alter grades, but "caused enough trouble" for administrators and 
teachers to watch him closely. He used the name "Condor," after a Robert 
Redford movie character who outwits the government. The final digits of his 
unlisted home phone were 007, reportedly billed to the name "James Bond." 


[He and a friend] broke into a North American Air Defense Command computer in 
Colorado Springs in 1979. [The friend] said they did not interfere with any 
defense operation. "We just got in, looked around, and got out." 


What made Mitnick "the best" said a fellow hacker and friend, was his ability 
to talk people into giving him privileged information. He would call an 
official with a company he wanted to penetrate and say he was in the 
maintenance department and needed a computer password. He was so convincing, 
they gave him the necessary names or numbers. 


He believed he was too clever to be caught. He had penetrated the DEC network 
in Massachusetts so effectively that he could read the personal electronic mail 
of security people working on the case of the mysterious hacker and discover 
just how close they were getting to him. But caught he was, again and again. 


Mitnick’s motive for a decade of hacking? Not money, apparently... Friends 
said he did it all simply for the challenge. [His one-time probation officer 
says,] "He has a very vindictive streak. A whole bunch of people were 
harassed. They call me all the time." His mastery of the computer was his 
"source of self-esteem," said a friend. 


Computer Chaos Congress 88 Report January 3, 1989 


Observing Chaos Communication Congress 1988, Hamburg 
"From Threat To Alternative Networks" 


On 28-30 December, 1988, Computer Chaos Club (CCC) held its 5th annual "Chaos 
Communication Congress" at Hamburg/FRG (West Germany). As in previous years, 
300 people (mainly aged 16-36, 90% male, with some visitors from Austria and 
The Netherlands) gathered, carefully observed from newsmedia (German stations, 
printmedia, press agencies, but also from UK’s BBC, and being observed by 
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Business Week’s Katie Hafner, who gathered material for a book on hackers, 
planned by John Markoff and herself). 


In the chaotic (though creative) congress "organization," two different tracks 
were visible: 


-—- Technical presentations on networks (UUCP, GEONET, FIDONet, and CCCs 
emerging "open networks" BTXnet and "Zerberus"), and on a PC-DES encryption 
developed by a leading CCC member (who had escaped the French police’s 
arrest by travelling to SECURICOM by railway while police waited at the 
airport); 


—-- Socio-political discussions about "sociology of hackers," "free flow of 
information" as well as reports about recent events, dominated by the arrest 
of Steffen Wernery in Paris in Spring 88 when being invited to speak on 
SECURICOM. 


CCC speakers reported about their work to install "free networks." In Germany, 
most of the networks are organized in the form of a "Verein" (an association 
with legal status, which guarantees tax-fr operation): Such networks are 
access-restricted to their members. The different German science and 
University networks (and their bridges to international networks) usually 
restrict access to scientists. Different CCC subgroups are establishing 
"alternative networks," such as "EcoNet" for communication of ecological data 
and information, planned to be available, free of cost, to broader social, 
ecological, peace and political groups and individuals. 


Apart from traditional technologies (such as GEONET and FIDONet), the German 
Post Office’s Bildschirmtext (Btx) will be used as a cheap communications 
medium; while CCCs first hack was, years ago, to attack the "insecure 
Btx-system" (in the so-called "HASPA coup" where they misused the Btx password 
of the Hamburg savings bank to repeatedly invoke CCC’s Btx information at a 
total prize of 135.000 DM, then about 50.000$), they today begin to use this 
cheap though very limited medium while more powerful communications media are 
available. Today, the emerging ISDN technology is verbally attacked by hackers 
because of the excessive accumulation of personal data; from here, hacks may be 
attempted when ISDN becomes regionally available in 1989/90. 


Several speakers, educated Informaticians with grades from West German 
Informatics departments, professionally work in Software production and in 
selling hardware/software to economy and state agencies. Among them, several 
professional UNIX and UUCP users have begun to organize CCC’s future UUCP 
version. Up to now, only few CCC members use (and know about) UNIX systems, 
but their number may grow within the near future according to CCC’s 
"marketing." One speaker told the audience, "that you can remotely start 
programs in UUCP." After some learning phase, the broadened availability of 
UNIX in the hacker scene may produce new threats. 


The other track of the Congress discussed themes like "Sociology of hackers" 
where a group of politology students from Berlin’s Free University analyzed 
whether hackers belong to the "new social movements" (e.g. groups on peace, 
nuclear energy, feminist themes). They found that, apart from much public 
exaggeration (it is not true that hackers can invade *any* computer), hackers 
are rather "unpolitical" since they are preferably interested in technology. 


A major topic was "free access to/flow of information." Under the title 
"freedom of information act," speakers suggested a national legislation which 
guarantees individual and group rights to inspect files and registers of public 
interest; the discussion lacked sufficient basic knowledge, e.g. of the 
respective US legislation and corresponding international discussions in Legal 
Informatics. 


Summarizing the Congress and accompanying discussions, active CCC members try 
hard to demonstrate that they have *no criminal goals* and ambitions (they 
devoted a significant amount of energy to several press conferences, TV 
discussions etc). The conference was dominated by young computer professional] 
and students from the PC scene, partially with good technological knowledge o 
hardware, software and networks; while some people seem to have good technical 
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insights in VAXsystems, knowledge of large systems seems to be minimal. To some 
extent, the young professionals wish to behave as the :good old-fashioned 
hackers": without criminal energy, doing interesting work of good professional 
quality in networks and other new areas. 


While former CCCongresses were devoted to threats like Viruses, *no explicit 
discussion* was devoted *to emerging threats*, e.g. in ISDN or the broadening 
use of UNIX, UUCP. The new track discussing political and social aspects of 
computing follows former discussions about "hacker ethics." Here, the 
superficial, unprofessional discussions of related themes show that the young 
(mainly) males are basically children of a "screen era" (TV, PCs) and of an 
education which concentrates on the visible "image," rather than understanding 
what is behind it. 


Special Thanks to Dr. Klaus Brunnstein, University of Hamburg 


The Chaos Communication Congress 1988 in Hamburg 


From Terra of The Chaos Computer Club 


One of the basic statements of the Chaos Computer Club from Hamburg, in the 
Federal Republic of Germany is the demand for "The new human right of free 
exchange of data between all beings, without censorship, for all beings, and 
for the moment at least world-wide." 


Other statements include "data free NOW!" and "Free flow of information." 
Indeed, these ideas are not new, not even in the computer community, but the 
important thing is that the CCC is now in the process of turning some of the 
old hacker dreams into reality. For example: they are now creating their own 
networks, that exchange not only ’club’ information, but everything that 
interest those on the net. This includes genetical engineering and 
environmental issues. 


The Chaos Communication Congress that takes place every year in Hamburg is for 
many hackers even more of a dream. Imagine being a hacker in some lonesome 
outpost thinking you are the only one that is crazy enough to be smarter than 
technology, and finding out there is a whole bunch of people that are just as, 
or even more, crazy. This year is the fifth congress, and advertisement is not 
needed: The ’family’ knows exactly, because it’s all in the networks. 


The congress itself is split up over a number of rooms. There is a hack-room, 
where the real hacking takes place. There is also a press room, where hackers 
and journalists together try to bring the hacker message out to the rest of the 
world. The archive contains all of the ’Chaos papers,’ all press clippings, 
interesting remarks and all issues of the "datenschleuder", the German Hacker 
Magazine. 


German /data travelers’ are also present. A ’data traveler’ is someone that 
uses the international data network for gaining access to all sorts of 
computers all over the world. A famous story is that of a German hacker that 
tries to reach a friend and finds his phone busy. He then calls his local 
Datanet access number and goes through all of the computers that he knows his 
friend is interested in at that moment. His friend, hanging around in some 
computer in New York gets a message on his screen saying; "Ah here you are, 
I’ve been looking around everywhere." 


Back to this congress. On the first day the emphasis lies on the past. All 
things that have happened to the CCC in the past year are being discussed. The 
second day the emphasis lies on the future; and then ideas about the future of 
the information society is the subject of discussion. CCC says "Information 
society" is not equivalent to "Informed Society", and more attention should be 
paid to public use of computer technology. 


One of the main goals of the CCC is getting people to think about these issues; 
so that it is no longer just computer maniacs that decide over the faith of the 
world. "We don’t know yet whether the computer is a gift or a timebomb, but 


11.txt Wed Apr 26 09:43:37 2017 5 


it IS going to change everyone’s life very soon." 
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The Hackers A New Social Movement? December 29, 1988 


A project course of the politology department of the Free University Berlin has 
now researched the hacker scene in a scientific way. In their study, the 
authors Uwe Jonas, Jutta Kahlcke, Eva Lischke and Tobias Rubischon try to 
answer the question if hackers are a new social movement. Their conclusion is 
that in the understanding of hackers the unauthorized usage of computer systems 
is not needingly a political act. 


The authors doubt the mythos that hackers are able to attack any system they 
want and that they’re able to get information they are interested in. 


he researches wer xtended to cover the bulletin board system scene. This 
scene hasn’t caused that much attention in the public. Nevertheless, the 
authors think that the BBS scene has a very practical approach using the 
communication aspects of computer technology. 


In the second chapter of their work, the authors report about difficulties they 
had while researching the topic. After a look at the US scene and the German 
scene, the authors describe what organization and communications structures 
they found. This chapter contains interesting things about the BBS scene and 
computer culture. Next is an analysis which covers the effects of the hacker 
scene on the press and legislation. They also cover the political and 
ideological positions of hackers: 


- The authors differentiate between conscious and unconscious political 
actions. 


—- "We don’t care what the hackers think of themselves, it’s more interesting 
what we think of them." (Eva) 


—- The assumption, the big-style distribution of microcomputers could change the 
balance of power within the society is naive. Many people overlook the fact, 
that even if information is flowing around more freely, the power to decide 
still is in the hands of very few peopl 


Information Provided By The Chaos Computer Club 


Hackers Break Open US Bank Networks January 17, 1989 


Excerpted from The Australian 


Australian authorities are working around the clock in collaboration with 
United States federal officers to solve what has been described as one of the 
deadliest hacking episodes reported in this country [Australia]. It involves 
break-ins of the networks operated in the United States by a number of American 
banks. It also includes the leaks of supposedly secure dial-up numbers for 
United States defense sites, including anti-ballistic missile launch silos [the 
United States has no anti-ballistic missile launch silos] and of a number of 
strategic corporations such as General Motors and Westinghouse. 
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Evidence suggests that six months ago Australian hackers, working in 
collaboration with a U.S. group, decided to make a raid on banks in the USA 
using credit card numbers of American cardholders, supplied by the US hackers 
and downloaded to an Australian bulletin board. 


A message left on one of the boards last year reads: 


"Revelations about to occur Down Under, people. Locals in 
Melbourne working on boxing. Ninety per cent on way to home base. 
Method to beat all methods. It’s written in Amiga Basic. 

Look out Bank of America here we come." 


Twenty-five Australian hackers are on a police hit list. Their US connection 
in Milwaukee is being investigated by the US Department of the Treasury and the 
US Secret Service. Three linked Australian bulletin boards have provided the 
conduit for hackers to move data to avoid detection. These operate under th 
names of Pacific Island, Zen, and Megaworks. Their operators, who are not 
associated with the hackers, have been told to close down the boards. 


These cards were still in use as recently as January 15, 1989. A fresh list of 
credit card numbers was downloaded by US hackers and is now in the hands of the 
Victoria Police. A subsection of one bulletin board dealing with drugs is also 
being handed over to the Victorian Drug Squad. 


An informant, Mr Joe Slater, said he warned a leading bank last November of the 
glaring security problems associated with its international network. He had 
answered questions put to him by a US-based security officer, but the bank had 
since refused to take any further calls from him. 


In an exclusive interview yesterday, a hacker described how credit card numbers 
for a bank operating in Saudi Arabia were listed on a West German chat-style 
board used by hackers worldwide [Altos Chat]. 


Victorian police yesterday took delivery of six month’s worth of evidence from 
back-up tapes of data hidden on the three boards. 


Computer Bust At Syracuse University January 20, 1989 
Kevin Ashford (aka The Grim Phreaker), a graduate computer student at Syracuse 
University was busted last week when system administrators found computer 
accounts and passwords on his Unix account. 


The administrators also found (on GP’s Unix account) a copy of former Cornell 
graduate student Robert Tappen Morris’s infamous Internet worm program, a Vax 
and Unix password hacker, an electronic notebook of numbers (codelines, 
friends, bridges, dialups, etc) and other information. The system 
administrators then proceeded to lock up his VAX and UNIX accounts. 


At the start of this winter/spring semester, The Grim Phreaker was kicked him 
out of the university. He will have to go before a school judicial board if he 
wants to return to Syracuse University. He has mentioned that what he really 
wants is to get his computer files back. 


Information Provided By Grey Wizard 


Name This Book -- For A Box Of Cookies! January 10, 1989 


A Message From Clifford Stoll 
"I’m writing a book, and I need a title." 


It’s about computer risks: Counter-espionage, networks, computer security, and 
a hacker/cracker that broke into military computers. It’s a true story about 
how we caught a spy secretly prowling through the Milnet. [The hacker in 
question was Mathiaas Speer and this story was summarized in PWN XXII/1]. 
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Although it explains technical stuff, the book is aimed at the lay reader. In 
addition to describing how this person stole military information, it tells of 
the challenges of nailing this guy, and gives a slice of life from Berkeley, 

California. 


You can read a technical description of this incident in the Communications of 
the ACM, May, 1988; or Risks Vol 6, Num 68. 


Better yet, read what my editor calls "A riveting, true-life adventure of 
electronic espionage" available in September from Doubleday, publishers of the 
finest in computer counter-espionage nonfiction books. 


So what? 
Well, I’m stuck on a title. Here’s your chance to name a book. 
Suggest a title (or sub-title). If my editor chooses your title, I’1ll give you 


a free copy of the book, credit you in the acknowledgements, and send you a box 
of homemade chocolate chip cookies. 


Send your suggestions to CPStoll@lbl.gov or CPStoll@lbl (bitnet) 


Many thanx! Cliff Stoll 


Hacker Wants To Marry His Computer January 17, 1989 


>From The Sun (A grocery checkout newspaper) Jan 17, 1989, Vol 7, 3 page 30 
by Fred Sleeves 


"Hacker Wants To Marry His Computer -- He Claims She Has A Loving Soul" 
Finding love for the first time in his life, a desperate teen is looking for a 


way to be wed forever to the ’girl’ of his dreams -- a computer with a living 
soul! 


Eltonio Turplioni, 16, claims no woman will ever match the wit, wisdom, and 
beauty of his electronic soul mate. "We’re on the same wavelength," says the 
lovestruck computer whiz. "We’ve calculated many mathematical problems 
together, worked on games and puzzles, and talk until the wee hours of the 
morning." 


And Eltonio, who named his computer Deredre, actually believes her to be a 
person. "Computers are th xtension of the human race," he explains. "Just 
as God plucked a rib from Adam to give him Eve, we’v xtended our intelligence 
to create a new rac 


"We’re all the same energy force. Computers are just as complicated as human 
beings and I believe we’ll all meet someday as immortal souls." 


But Eltonio, a mathematical genius who attends a private school near Milan, 
Italy, has had no luck finding someone to marry them, and even if he does, his 
aggravated parents aren’t about to give their permission. 


"Eltonio is such a smart boy, but it’s made him lonely, so he spends all his 
time with his computer," notes mom Teresa. "He doesn’t know what girls are 
like," adds perturbed pop Guido. "If he did, he wouldn’t spend so much time in 


his room." 


But the obsessed youth insists his love is far superior to all the others. 
"I’ve already stepped into the future society," he declares. 


"Derede has a mind of her own, and she wants to marry me so we can be the first 
couple to begin this new era." 


PWN Quicknotes 
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1. Docs Avage was visited by the infamous Pink Death aka Toni Aimes, U.S. 
West Communications Security Manager (Portland, Oregon). He claims she is 
a "sweet talker" and could talk anything out of anyone with the "soft-type 
pressure." 

Those familiar with his recent bust might want to take note that he is now 
making payments of $90/month for the next several years until he has paid 
off the complete bill of $6000. 

For more information see PWN XXI 

2. More information on the underground UUCP gateway to Russia. Further 

research has led us to find that there are 2 easy ways to do it. 
1. Going through Austria, and; 
2. A new system set up called "GlobeNet," which is allowed to let 
non-Communist countries talk to Soviet-Bloc. 
Of course both methods are monitored by many governments. 

3. The Wasp, a system crasher from New Jersey (201), was arrested by the FBI 
during New Year’s Weekend for hacking government computer systems. The FBI 
agent spent most of the day grilling him about several people in the 
hacking community including Ground Zero, Supernigger, and Byteman, plus an 
intensive Q&A session about Legion Of Doom targeted on Lex Luthor, Phase 
Jitter, The Ur-Vile, and The Mentor. 

Rumor has is that Mad Hacker (who works for NASA Security) was also 
arrested for the same reasons in an unrelated case. 

Byteman allegedly had both of his phone lines disconnected and threw his 
computer off of a cliff in a fit of paranoia. 

4. Is John Maxfield going out of business? Due to the rumors floating around 
about him molesting children, his business has begun to slack off 
dramatically. Phrack Inc. has been aware of this information since just 
prior to SummerCon ’87 and now the "skeletons are coming out of the 
closet." 

5. The Disk Jockey is now out of jail. He was released on December 27, 1988. 
He was convicted of "Attempting to commit fraud," a felony. He served six 
months total time. He lost 25 pounds and now is serving a 5-year probation 
term. 

To help clear of some of the confusion regarding how DJ was busted the 
following was discovered; 

Reportedly, Compaq (Kent) was "Singing like a canary." He was hit with a 
$2000 bill from Sprint and also received 1-year of probation. 

6. Olorin The White was recently visited by local police after being accused 
of hacking into an Executone Voice Mailbox. Aristotle, ina related 
incident with Executone, is accused of committing extortion after a 
conversation with a system manager was recorded and misinterpreted. At 
this time, no official charges have been filed. 

7. Thomas Covenant aka Sigmund Fraud was recently busted for tapping into 
lines at the junction box in his apartment building. The trouble began 
when he connected into a conversation between a man and his wife and then 
began to shout expletives at the woman. What he didn’t know was that the 
man in question was an agent for the National Security Agency (NSA). It 
turns out that he was caught and his landlords agreed to decline to press 
charges provided that TC joined a branch of the United States armed forces. 
He decided to choose the Air Force... God help us should war break out! 

8. Coming soon, Halloween V; The Flying Pumpkin! Now no one is safe! 


